Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible virus activity targeting my video


  • Please log in to reply

#1
Tigersmoondiva

Tigersmoondiva

    Member

  • Member
  • PipPip
  • 17 posts
Around June 17 (I know cause - this all started ON MY BIRTHDAY) my computer started having severe lockups. It was causing me to have to hard reboot. Over the past few weeks I have been - trying to sort out the mess. I have run Eset and Malware Bytes - between the 2 I managed to dig up over 17 root kits/viruses/ other crap.

I am still not running as I should though. I no longer lock up - however I can't there are things I can't install at all (nor can I update Windows) and my son is going nuts cause World of Warcraft freaks out on him. :D ALSO - when I tried installing Microsoft Security Essentials - it .. wanted a disk.

(It didn't before - at least not consistently.)

Help!

Here is my OTL info - and thank you for looking.

OTL logfile created on: 7/2/2012 4:25:32 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\fred\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 52.24% Memory free
3.98 Gb Paging File | 3.01 Gb Available in Paging File | 75.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.05 Gb Total Space | 40.03 Gb Free Space | 28.79% Space Free | Partition Type: NTFS

Computer Name: FRED-PC | User Name: fred | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/02 16:25:09 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\fred\Downloads\OTL.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/28 05:28:56 | 000,438,296 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppgooglenaclpluginchrome.dll
MOD - [2012/06/28 05:28:54 | 003,972,120 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
MOD - [2012/06/28 05:27:40 | 000,554,520 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\libglesv2.dll
MOD - [2012/06/28 05:27:38 | 000,117,784 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\libegl.dll
MOD - [2012/06/28 05:27:29 | 000,140,328 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\avutil-51.dll
MOD - [2012/06/28 05:27:28 | 000,262,184 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\avformat-54.dll
MOD - [2012/06/28 05:27:26 | 002,386,984 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll
MOD - [2012/06/28 03:27:26 | 009,252,040 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (osppsvc)
SRV - File not found [Auto | Stopped] -- -- (AMPingService)
SRV - [2012/06/03 21:18:05 | 000,529,232 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/15 05:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/04 15:28:10 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/07 15:32:23 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/03/04 08:10:55 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2008/11/18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/07/22 21:14:28 | 000,012,800 | ---- | M] (Agere Systems) [Disabled | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/06/11 13:18:30 | 000,024,576 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- -- (SmartDefragDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslfeb6c46c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslfb132974)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslf5b6203e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslf47f537e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslf0dfd038)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslef651635)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslec9ac82c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle7c9df3a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle541ad81)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle4d8c87f)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle15de7ef)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle144669a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle0773905)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsld7914c71)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsld38d2322)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslcab9d791)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslc9f88f33)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslc5171ad5)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslc477291f)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslb7d346f5)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslb64e8d7d)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslb3d89bb4)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslb3b9f164)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslaf57a46a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslad61eef3)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslacc8af68)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslab453b2c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla871476f)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla6e5a17e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla4d1cfd6)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla46ad7c6)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla391318b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla2ac10db)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla15bcd1c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla0a77c34)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl9df4bad9)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl9b906d74)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl9b369bf4)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl93eecf63)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl9237fc5b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl89b1d53b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl87967334)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl856bcbb0)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl83ef4bf0)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl8312add5)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl775f739c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl76000d41)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl64c472b3)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl6368b9fd)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl6307ac92)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl6116e6b1)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl5f3c5a9e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl5a58d381)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl58faae3e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl5791bdb7)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl5686b82b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl55f280be)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl539b5fab)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl53765a4a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl51db1323)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl4f05003a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl4b3d62d6)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl4af12ddf)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl455374f1)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl450a992e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl42e49e87)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl349dc924)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl2a7945fd)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl1ea81d75)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl1bf56b1b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl14cea0a3)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl145b7da0)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl13e4c2b2)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl12f85c8e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl114313cc)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl0c761660)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl067c3c19)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl03d0e3e3)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2012/06/09 10:45:20 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2012/05/15 05:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2010/07/04 14:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/03/10 16:56:21 | 000,247,320 | ---- | M] (silex technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\sxuptp.sys -- (sxuptp)
DRV - [2010/02/24 14:11:40 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/10/16 03:11:56 | 001,168,896 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2009/03/28 08:38:00 | 000,034,128 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2008/08/18 19:58:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/07/22 21:14:24 | 001,203,808 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/06/11 13:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {6c3a1de1-94ca-4ad6-acdf-c1324adc487b} - SOFTWARE\Classes\CLSID\{6c3a1de1-94ca-4ad6-acdf-c1324adc487b}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2548838
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/?ref=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://nikeplus.nike.com/nikeplus/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook: {66bd2442-241b-44cd-8c7a-b51037053cdb} - No CLSID value found
IE - HKCU\..\URLSearchHook: {b54561db-0bbb-41b4-a814-df8301fe0a8e} - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = Yahoo!
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{76E9350E-0392-9C19-F83A-99BC015260AF}: "URL" = http://www.bing.com/...039&form=ZGAIDF
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2548838
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://inboxtoolbar....id=80544&lng=en
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....&fr=chr-offrhap
IE - HKCU\..\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}: "URL" = http://bing.zugo.com...fg=2-80-0-1r6H7
IE - HKCU\..\SearchScopes\Yahoo!: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@comrade.gamespy.com/comrade: C:\Program Files\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@dimdim.com/DimdimPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer,version=1.18.9: C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realarcade.com/RAClient: C:\ProgramData\RealArcade\npraclient.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.2.0.88: C:\Program Files\Musicnotes\npsibelius.dll ()
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\fred\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\fred\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\fred\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\fred\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\fred\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\mattelinc.com/HotWheelsLoader: C:\Users\fred\AppData\Local\sswat_hwrc_win_live\npHotWheelsLoader.dll (Mattel, Inc)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/25 22:35:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/25 22:35:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/12/01 23:52:15 | 000,000,000 | ---D | M]

[2011/12/11 17:52:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fred\AppData\Roaming\Mozilla\Extensions
[2011/12/05 20:52:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/17 19:41:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2009/04/03 11:43:24 | 000,000,000 | ---D | M] (The Browser Highlighter) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/12/04 14:23:34 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/08/17 19:39:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2000/01/01 03:00:00 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2009/03/30 17:13:54 | 000,098,304 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npraclient.dll

========== Chrome ==========

CHR - default_search_provider: images.search.yahoo.com (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\fred\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\fred\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\fred\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\fred\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Comrade Plugin (Enabled) = C:\Program Files\GameSpy\Comrade\npcomrade.dll
CHR - plugin: Musicnotes (Enabled) = C:\Program Files\Musicnotes\npmusicn.dll
CHR - plugin: ScorchPlugin (Enabled) = C:\Program Files\Musicnotes\npsibelius.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation®Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll
CHR - plugin: RealArcade NPAPI Plugin (Enabled) = C:\ProgramData\RealArcade\npraclient.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\fred\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\fred\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: HotWheels Loader (Enabled) = C:\Users\fred\AppData\Local\sswat_hwrc_win_live\npHotWheelsLoader.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/03/10 22:25:36 | 000,302,589 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 10431 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {66BD2442-241B-44CD-8C7A-B51037053CDB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Isohunt-vuze Toolbar) - {6C3A1DE1-94CA-4AD6-ACDF-C1324ADC487B} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - Reg Error: Value error. File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O8 - Extra context menu item: &Search - ?p=ZKfox000 File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72503EEE-C220-4622-AD9A-2EFD31CB7797}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\fred\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\fred\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/29 00:44:20 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\aliasworlds
[2012/06/29 00:42:57 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kingdom Chronicles Collector's Edition
[2012/06/29 00:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Chronicles Collector's Edition
[2012/06/29 00:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Kingdom Chronicles Collector's Edition
[2012/06/28 15:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/06/28 14:01:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/28 13:58:46 | 000,453,424 | ---- | C] (Microsoft Corporation) -- C:\Users\fred\Desktop\IE9-WindowsVista-x86-enu.exe
[2012/06/28 13:12:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2012/06/28 02:52:40 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2012/06/28 02:13:31 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Defrag
[2012/06/28 02:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Defrag
[2012/06/28 02:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Defrag
[2012/06/28 01:56:35 | 000,000,000 | ---D | C] -- C:\Program Files\OApps
[2012/06/28 01:48:49 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\FixCleaner
[2012/06/28 01:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\FixCleaner
[2012/06/28 01:47:39 | 000,000,000 | ---D | C] -- C:\Program Files\Downloaded Installers
[2012/06/28 00:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpaceMonger
[2012/06/28 00:21:11 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\SpaceMonger
[2012/06/28 00:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\SpaceMonger
[2012/06/28 00:12:11 | 000,000,000 | ---D | C] -- C:\Users\fred\Desktop\New Folder
[2012/06/25 23:10:00 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Pokémon Trading Card Game Online
[2012/06/25 22:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/06/21 16:52:41 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2012/06/18 13:42:57 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\f-secure
[2012/06/18 13:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2012/06/14 20:17:29 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2012/06/14 20:17:29 | 011,354,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2012/06/14 20:17:28 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2012/06/14 20:17:28 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2012/06/14 20:17:28 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2012/06/14 20:17:28 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2012/06/09 10:45:20 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\Windows\System32\drivers\DrvAgent32.sys
[2012/06/09 10:45:20 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Local\eSupport.com
[2012/06/04 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\WeatherLord
[2012/06/04 18:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WeatherLord
[2012/06/04 18:00:24 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Lord
[2012/06/04 18:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weather Lord
[2012/06/04 18:00:24 | 000,000,000 | ---D | C] -- C:\Program Files\Weather Lord
[2012/06/04 17:33:49 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Rainbow
[2012/06/03 12:25:37 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Local\CutePDF Writer
[2012/06/03 12:22:48 | 000,000,000 | ---D | C] -- C:\Program Files\Acro Software
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\fred\*.tmp files -> C:\Users\fred\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/02 16:28:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/02 16:01:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286577877-1167854462-976776892-1000UA.job
[2012/07/02 15:47:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/02 15:47:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/02 13:16:01 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DF351888-2C7F-48D3-8BA2-401173E31F50}.job
[2012/07/02 11:01:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286577877-1167854462-976776892-1000Core.job
[2012/07/01 21:16:53 | 000,002,072 | ---- | M] () -- C:\Users\fred\Desktop\Google Chrome.lnk
[2012/07/01 21:16:53 | 000,002,034 | ---- | M] () -- C:\Users\fred\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/07/01 20:37:40 | 000,000,882 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/07/01 20:28:08 | 000,007,046 | ---- | M] () -- C:\Users\fred\profiles.xml
[2012/07/01 18:00:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\next.job
[2012/07/01 15:47:01 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\AutoSmartDefrag.job
[2012/07/01 15:46:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/29 00:43:48 | 000,035,369 | ---- | M] () -- C:\Windows\wininit.ini
[2012/06/29 00:43:44 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Play Kingdom Chronicles Collector's Edition.lnk
[2012/06/29 00:43:44 | 000,001,600 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/06/28 13:58:50 | 000,453,424 | ---- | M] (Microsoft Corporation) -- C:\Users\fred\Desktop\IE9-WindowsVista-x86-enu.exe
[2012/06/28 03:07:43 | 000,002,234 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/06/28 02:36:34 | 000,264,771 | ---- | M] () -- C:\Users\fred\AppData\Local\census.cache
[2012/06/28 02:36:27 | 000,187,966 | ---- | M] () -- C:\Users\fred\AppData\Local\ars.cache
[2012/06/28 02:13:31 | 000,000,861 | ---- | M] () -- C:\Users\fred\Desktop\Eusing Free Registry Defrag.lnk
[2012/06/28 01:38:59 | 000,275,629 | ---- | M] () -- C:\Windows\Let's Clean Up! Plus Uninstaller.exe
[2012/06/25 22:35:52 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/06/25 22:35:27 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012/06/25 22:35:19 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012/06/25 22:35:19 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012/06/21 16:52:41 | 000,000,312 | ---- | M] () -- C:\Users\fred\Desktop\Curse Client.appref-ms
[2012/06/09 10:46:04 | 000,000,950 | ---- | M] () -- C:\Users\fred\Desktop\Find Drivers with DriverAgent.lnk
[2012/06/09 10:45:20 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\Windows\System32\drivers\DrvAgent32.sys
[2012/06/05 16:21:17 | 000,541,961 | ---- | M] () -- C:\Users\fred\Desktop\heart-wallpaper-love-10959423-1280-1024.jpg
[2012/06/04 18:00:54 | 000,001,733 | ---- | M] () -- C:\Users\Public\Desktop\Play Weather Lord.lnk
[2012/06/03 12:35:10 | 036,956,558 | ---- | M] () -- C:\Users\fred\Documents\Easyunsecured.pdf
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\fred\*.tmp files -> C:\Users\fred\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/29 09:22:56 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ Medieval.lnk
[2012/06/29 00:43:44 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Play Kingdom Chronicles Collector's Edition.lnk
[2012/06/29 00:43:44 | 000,001,600 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/06/28 02:13:31 | 000,000,861 | ---- | C] () -- C:\Users\fred\Desktop\Eusing Free Registry Defrag.lnk
[2012/06/25 22:35:52 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/06/09 10:46:04 | 000,000,950 | ---- | C] () -- C:\Users\fred\Desktop\Find Drivers with DriverAgent.lnk
[2012/06/05 16:21:36 | 000,541,961 | ---- | C] () -- C:\Users\fred\Desktop\heart-wallpaper-love-10959423-1280-1024.jpg
[2012/06/04 18:00:54 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\Play Weather Lord.lnk
[2012/06/03 12:36:21 | 036,956,558 | ---- | C] () -- C:\Users\fred\Documents\Easyunsecured.pdf
[2012/03/03 19:07:09 | 000,001,463 | ---- | C] () -- C:\Windows\System32\AudioDrv.ini
[2012/03/03 19:05:08 | 000,166,912 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012/03/03 19:05:08 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012/02/22 08:50:57 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2012/02/18 22:37:41 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/12/26 22:26:43 | 000,275,629 | ---- | C] () -- C:\Windows\Let's Clean Up! Plus Uninstaller.exe
[2011/12/21 18:09:35 | 000,148,928 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011/12/21 18:09:20 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011/12/06 22:16:07 | 000,264,771 | ---- | C] () -- C:\Users\fred\AppData\Local\census.cache
[2011/12/06 22:15:43 | 000,187,966 | ---- | C] () -- C:\Users\fred\AppData\Local\ars.cache
[2011/12/06 21:06:12 | 000,000,036 | ---- | C] () -- C:\Users\fred\AppData\Local\housecall.guid.cache
[2011/10/06 21:22:35 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/09/20 23:58:48 | 000,007,046 | ---- | C] () -- C:\Users\fred\profiles.xml
[2011/09/03 11:52:13 | 000,000,218 | ---- | C] () -- C:\Users\fred\.recently-used.xbel.USWK1V
[2011/07/20 12:29:56 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/04 11:36:26 | 000,000,127 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/02 19:48:00 | 000,000,008 | ---- | C] () -- C:\Users\fred\AppData\Roaming\DofusAppId0_1
[2011/03/02 18:33:28 | 000,000,169 | ---- | C] () -- C:\Users\fred\AppData\Roaming\D2Info0
[2011/03/02 18:33:28 | 000,000,008 | ---- | C] () -- C:\Users\fred\AppData\Roaming\DofusAppId0_2
[2011/02/14 20:54:50 | 000,000,552 | ---- | C] () -- C:\Users\fred\AppData\Local\d3d8caps.dat
[2010/11/28 22:24:08 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010/11/01 16:21:17 | 000,002,048 | ---- | C] () -- C:\Users\fred\writeordiesettings.db
[2010/07/05 18:35:47 | 000,000,050 | ---- | C] () -- C:\Users\fred\jagex__preferences3.dat
[2010/07/05 18:35:46 | 000,000,117 | ---- | C] () -- C:\Users\fred\jagex_runescape_preferences2.dat
[2010/07/05 18:34:29 | 000,000,046 | ---- | C] () -- C:\Users\fred\jagex_runescape_preferences.dat
[2009/11/03 23:32:43 | 000,034,800 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/11/03 22:46:48 | 000,034,800 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/10/14 15:00:07 | 000,000,680 | ---- | C] () -- C:\Users\fred\AppData\Local\d3d9caps.dat
[2009/08/06 19:00:23 | 000,070,984 | ---- | C] () -- C:\Users\fred\g2mdlhlpx.exe
[2009/06/09 16:02:28 | 000,000,000 | -H-- | C] () -- C:\ProgramData\pjwllw
[2009/06/01 15:39:00 | 000,000,000 | ---- | C] () -- C:\Users\fred\AppData\Local\prvlcl.dat
[2009/04/16 19:00:21 | 000,001,458 | ---- | C] () -- C:\Users\fred\.recently-used.xbel
[2009/03/21 11:35:03 | 000,000,092 | ---- | C] () -- C:\Users\fred\AppData\Local\fusioncache.dat
[2009/03/06 22:25:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/12/13 21:01:14 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2008/12/01 17:41:17 | 000,000,004 | ---- | C] () -- C:\Users\fred\AppData\Roaming\C8CBD2
[2008/12/01 17:41:16 | 000,870,128 | ---- | C] () -- C:\Users\fred\AppData\Roaming\mcs.rma
[2008/11/05 02:11:44 | 000,022,528 | ---- | C] () -- C:\Users\fred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:9EC86225
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:900BE829
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:14750D76
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:DDEB08FD
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:538B96B5
@Alternate Data Stream - 257 bytes -> C:\ProgramData\TEMP:A039EDF9
@Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:36608448
@Alternate Data Stream - 240 bytes -> C:\ProgramData\TEMP:371A321E
@Alternate Data Stream - 238 bytes -> C:\ProgramData\TEMP:A2B3764A
@Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:0E67073E
@Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:9D6EAEC3
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:9CF728A6
@Alternate Data Stream - 226 bytes -> C:\ProgramData\TEMP:D0AB0B4A
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:F2CEC0E8
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:5F1019FF
@Alternate Data Stream - 221 bytes -> C:\ProgramData\TEMP:3766E957
@Alternate Data Stream - 220 bytes -> C:\ProgramData\TEMP:E8BF029E
@Alternate Data Stream - 217 bytes -> C:\ProgramData\TEMP:0D52F295
@Alternate Data Stream - 214 bytes -> C:\ProgramData\TEMP:DD629819
@Alternate Data Stream - 214 bytes -> C:\ProgramData\TEMP:6378B6B8
@Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:A4AF8D0D
@Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:723E56EC
@Alternate Data Stream - 200 bytes -> C:\ProgramData\TEMP:18897B1D
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:D987CB43
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:F1F936DF
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:E6B6120A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:6ECD2470
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:41B89F80
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:93F3E4C9
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:EB9EF516
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:E6540C35
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:3A4C8FE7
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:F53B274A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:B790962B
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A819A132
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A652BC99
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0E5CFA74
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:751D6870
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:413E2927
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:0DE96CF5
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:F3591DDB
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:CAF8DAC8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:AE289451
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:35629AE6
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:D770A15D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:9D03192E
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:1BEAD68C
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:F35AE645
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:E9900C74
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:DCA79AB3
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:BB718C46
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:701B92FB
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:7DF1EF45
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:517EFA90
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:3FB71C37
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:0968E571
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:F98E6C67
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4C21784C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:FEECF2C8
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:A1A86E40
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:7E4E56EA
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:F5FC5DCE
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:1A15C0AF
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:D3A89E47
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:5313B881
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:E6EC5C2A
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:C4870D32
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:B1E64E47
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:6DA18708
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:56C66609
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:44E16D4A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:1B3549F2
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:EB5BDBB0
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:92DB4653
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3FAE5A2A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3A4676D7
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:06C34166
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:CFC8A5FD
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1CA73D29
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:10CFA7D4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:C43C957E
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:6BFA43EB
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:014BC3B4
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:E6537A16
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:AED4FFF5
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:96646EC1
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:80E965A3
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:3AC0ED43
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:AEEC88F6
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:417B6FAC
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:04BB186B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:290A724C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:10D45FC3
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:0DFE2AE1
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:0ACF1AF5
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D576A536
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D01ACC06
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:7AF9CAEB
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:73B78E79
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:162E02F7
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:BA24E689
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6DDFD746
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:3C9B05C4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:385BC52C
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:9B2BD056
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:38D2EA83
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:E4EE99EF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:D6DD5F62
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CFF6B3FF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:9857FAE3
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:69FE2EE4
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5D17C178
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:28819F45
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:2216A431
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:1B262C29
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:EA7D76BE
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:48FEA089
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:ADFAD95A
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:A688EF17
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:42478B0E
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:29C0641D
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:EE49CE4E
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:EB68CA55
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:6F1F66C0
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:349E5B74
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:A6CDBCAC
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:041C0562
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:A9ABA3FF
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:393F7B1E
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:07C99568
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C80C7DFB
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:294F888B
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:15752405
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:0BF96601
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:A00BCDEF
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:A561576B
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:423A67E6
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:13DF9DD1
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:A0C7D68A
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:8247A199
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:48081133
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:24E8169B
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:883EDFB5

< End of report >



On an embarrassing note - I am seeing the word *sex* in this file... what IS THAT?? My son is to young for that stuff!!









OH - also - I am trying to get as much garbage off this computer as I can - so feel free to make all the suggestions you like. Basically this is a (bad) WoW/internet surfing computer
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
The sex is just a link that is blocked by your hosts file. Nothing to worry about.


Copy the text in the code box by highlighting and Ctrl + c

:OTL
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslfeb6c46c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslfb132974)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslf5b6203e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslf47f537e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslf0dfd038)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslef651635)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslec9ac82c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle7c9df3a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle541ad81)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle4d8c87f)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle15de7ef)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle144669a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsle0773905)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsld7914c71)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsld38d2322)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslcab9d791)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslc9f88f33)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslc5171ad5)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslc477291f)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslb7d346f5)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslb64e8d7d)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslb3d89bb4)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslb3b9f164)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslaf57a46a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslad61eef3)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslacc8af68)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKslab453b2c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla871476f)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla6e5a17e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla4d1cfd6)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla46ad7c6)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla391318b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla2ac10db)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla15bcd1c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsla0a77c34)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl9df4bad9)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl9b906d74)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl9b369bf4)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl93eecf63)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl9237fc5b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl89b1d53b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl87967334)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl856bcbb0)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl83ef4bf0)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl8312add5)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl775f739c)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl76000d41)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl64c472b3)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl6368b9fd)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl6307ac92)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl6116e6b1)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl5f3c5a9e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl5a58d381)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl58faae3e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl5791bdb7)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl5686b82b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl55f280be)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl539b5fab)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl53765a4a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl51db1323)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl4f05003a)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl4b3d62d6)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl4af12ddf)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl455374f1)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl450a992e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl42e49e87)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl349dc924)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl2a7945fd)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl1ea81d75)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl1bf56b1b)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl14cea0a3)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl145b7da0)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl13e4c2b2)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl12f85c8e)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl114313cc)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl0c761660)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl067c3c19)
DRV - File not found [Kernel | System | Stopped] -- -- (MpKsl03d0e3e3)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
IE - HKLM\..\URLSearchHook: {6c3a1de1-94ca-4ad6-acdf-c1324adc487b} - SOFTWARE\Classes\CLSID\{6c3a1de1-94ca-4ad6-acdf-c1324adc487b}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2548838
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\..\URLSearchHook: {66bd2442-241b-44cd-8c7a-b51037053cdb} - No CLSID value found
IE - HKCU\..\URLSearchHook: {b54561db-0bbb-41b4-a814-df8301fe0a8e} - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = Yahoo!
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2548838
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://inboxtoolbar....id=80544&lng=en
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....&fr=chr-offrhap
IE - HKCU\..\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}: "URL" = http://bing.zugo.com...fg=2-80-0-1r6H7
IE - HKCU\..\SearchScopes\Yahoo!: "URL" = http://search.yahoo....p={searchTerms}
[2011/08/17 19:41:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {66BD2442-241B-44CD-8C7A-B51037053CDB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Isohunt-vuze Toolbar) - {6C3A1DE1-94CA-4AD6-ACDF-C1324ADC487B} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - Reg Error: Value error. File not found
O8 - Extra context menu item: &Search - ?p=ZKfox000 File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
    
:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.


Copy the text in the code box:

nnetsvcs
%SYSTEMDRIVE%\*.exe
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

MSSE is not working right.


Download and Save the free Avast installer.
http://www.avast.com...ivirus-download

Uninstall Microsoft Security Essentials

Reboot

Install Avast. (Register when it asks you - they will try to talk you in to buying the full product but the free version is what we want.)

Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on
Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report then View Results. How many did it find?
Text version of the report is at C:\ProgramData\Avast Software\Avast\report\aswboot.txt or C:\ProgramData\Alwil Software\Avast5\report\aswboot.txt

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute for things to settle down.

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Ron






Ron
  • 0

#3
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-03 09:35:27
-----------------------------
09:35:27.283 OS Version: Windows 6.0.6001 Service Pack 1
09:35:27.283 Number of processors: 1 586 0x5F03
09:35:27.284 ComputerName: FRED-PC UserName: fred
09:35:28.404 Initialize success
09:37:09.466 AVAST engine defs: 12070300
09:37:32.177 The log file has been saved successfully to "C:\Users\fred\Desktop\aswMBR.txt"
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
aswMBR didn't really do a SCAN. Don't know if you stopped it too soon or if something else caused it to fail. Can you try it again?
  • 0

#5
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
sure!
  • 0

#6
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
ComboFix 12-07-02.01 - fred 07/03/2012 9:44.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1918.1251 [GMT -5:00]
Running from: c:\users\fred\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Downloaded Installers
c:\users\fred\AppData\Local\._Revolution_
c:\users\fred\AppData\Roaming\.#
c:\users\fred\AppData\Roaming\app
c:\users\fred\AppData\Roaming\app\Jerakine_lang.dat
c:\users\fred\AppData\Roaming\app\Jerakine_lang_vesrion.dat
c:\users\fred\AppData\Roaming\C8CBD2
c:\users\fred\g2mdlhlpx.exe
c:\users\fred\vvicons.tmp
c:\windows\system32\tmp9617.tmp
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Files Created from 2012-06-03 to 2012-07-03 )))))))))))))))))))))))))))))))
.
.
2012-07-03 14:32 . 2012-07-03 14:32 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2012-07-03 14:32 . 2012-07-03 14:32 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2012-07-03 14:32 . 2012-07-03 14:32 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2012-07-03 14:32 . 2012-07-03 14:32 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2012-07-03 14:32 . 2012-07-03 14:32 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2012-07-03 14:32 . 2012-07-03 14:32 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2012-07-03 14:32 . 2012-07-03 14:32 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2012-07-03 14:32 . 2012-07-03 14:32 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2012-07-03 14:32 . 2012-07-03 14:32 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2012-07-03 14:32 . 2012-07-03 14:32 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2012-07-03 14:32 . 2012-07-03 14:32 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2012-07-03 14:32 . 2012-07-03 14:32 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2012-07-03 14:31 . 2012-07-03 14:31 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2012-07-03 14:31 . 2012-07-03 14:31 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2012-07-03 14:31 . 2012-07-03 14:31 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2012-07-03 14:31 . 2012-07-03 14:31 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2012-07-03 14:31 . 2012-07-03 14:31 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2012-07-03 14:29 . 2012-07-03 14:29 -------- d-----w- C:\_OTL
2012-06-29 05:44 . 2012-06-29 05:44 -------- d-----w- c:\users\fred\AppData\Roaming\aliasworlds
2012-06-29 05:42 . 2012-06-29 05:43 -------- d-----w- c:\program files\Kingdom Chronicles Collector's Edition
2012-06-28 20:40 . 2012-06-28 20:40 -------- d-----w- c:\program files\ESET
2012-06-28 19:01 . 2012-06-28 19:01 -------- d-----w- c:\programdata\Malwarebytes
2012-06-28 18:12 . 2012-06-28 18:19 -------- d-----w- c:\windows\system32\catroot2
2012-06-28 07:52 . 2012-06-28 07:53 -------- d-----w- C:\WINSSLog
2012-06-28 07:13 . 2012-06-28 07:13 -------- d-----w- c:\program files\Eusing Free Registry Defrag
2012-06-28 06:56 . 2012-06-28 06:57 -------- d-----w- c:\program files\OApps
2012-06-28 06:48 . 2012-06-28 06:53 -------- d-----w- c:\users\fred\AppData\Roaming\FixCleaner
2012-06-28 06:48 . 2012-06-28 06:55 -------- d-----w- c:\program files\FixCleaner
2012-06-28 05:21 . 2012-06-28 05:21 -------- d-----w- c:\program files\SpaceMonger
2012-06-28 05:21 . 2012-06-28 05:21 -------- d-----w- c:\users\fred\AppData\Roaming\SpaceMonger
2012-06-26 04:10 . 2012-06-26 04:11 -------- d-----w- c:\users\fred\AppData\Roaming\Pokémon Trading Card Game Online
2012-06-18 18:42 . 2012-06-18 18:42 -------- d-----w- c:\users\fred\AppData\Roaming\f-secure
2012-06-18 18:42 . 2012-06-18 18:42 -------- d-----w- c:\programdata\F-Secure
2012-06-15 01:17 . 2012-05-15 10:26 19607872 ----a-w- c:\windows\system32\nvoglv32.dll
2012-06-15 01:17 . 2012-05-15 10:26 11354944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-06-15 01:17 . 2012-05-15 10:26 5982528 ----a-w- c:\windows\system32\nvcuda.dll
2012-06-15 01:17 . 2012-05-15 10:26 2524992 ----a-w- c:\windows\system32\nvcuvid.dll
2012-06-15 01:17 . 2012-05-15 10:26 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-06-15 01:17 . 2012-05-15 10:26 17551680 ----a-w- c:\windows\system32\nvcompiler.dll
2012-06-09 15:45 . 2012-06-09 15:46 -------- d-----w- c:\users\fred\AppData\Local\eSupport.com
2012-06-09 15:45 . 2012-06-09 15:45 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-06-04 23:53 . 2012-06-04 23:53 -------- d-----w- c:\users\fred\AppData\Roaming\WeatherLord
2012-06-04 23:53 . 2012-06-04 23:53 -------- d-----w- c:\programdata\WeatherLord
2012-06-04 23:00 . 2012-06-04 23:00 -------- d-----w- c:\program files\Weather Lord
2012-06-04 22:33 . 2012-06-04 22:33 -------- d-----w- c:\users\fred\AppData\Roaming\Rainbow
2012-06-03 17:25 . 2012-06-03 17:36 -------- d-----w- c:\users\fred\AppData\Local\CutePDF Writer
2012-06-03 17:22 . 2012-06-09 22:28 -------- d-----w- c:\program files\Acro Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-28 06:38 . 2011-12-27 03:26 275629 ----a-w- c:\windows\Let's Clean Up! Plus Uninstaller.exe
2012-06-26 03:35 . 2003-02-21 11:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-06-26 03:35 . 2003-03-19 03:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-05-15 10:26 . 2011-12-05 22:12 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-05-15 10:26 . 2011-12-05 22:12 883008 ----a-w- c:\windows\system32\nvgenco32.dll
2012-05-15 10:26 . 2011-12-05 22:12 1000768 ----a-w- c:\windows\system32\nvdispco32.dll
2012-05-15 10:26 . 2011-12-05 22:12 2368832 ----a-w- c:\windows\system32\nvapi.dll
2012-05-15 10:26 . 2008-08-07 22:53 15322432 ----a-w- c:\windows\system32\nvd3dum.dll
2012-05-15 09:28 . 2011-12-05 22:14 62272 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:28 . 2011-12-05 22:14 645440 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:28 . 2011-12-05 22:14 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:28 . 2011-12-05 22:14 3931456 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 09:27 . 2011-12-05 22:14 2759488 ----a-w- c:\windows\system32\nvsvc.dll
2012-05-04 20:28 . 2012-04-12 01:12 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-04 20:28 . 2011-12-17 16:40 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^fred^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
backup=c:\windows\pss\CurseClientStartup.ccip.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 17:48 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
2010-04-22 23:59 1221024 ----a-w- c:\program files\GameSpy\Comrade\Comrade.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-09-12 13:11 136176 ----atw- c:\users\fred\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-11 03:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mattel HWRC Launcher]
2010-09-10 18:37 201976 ----a-w- c:\users\fred\AppData\Local\sswat_hwrc_win_live\mattelhwrc_launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MusicManager]
2012-06-01 23:17 13806592 ----a-w- c:\users\fred\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17RunE]
2008-03-28 13:57 14848 ----a-w- c:\windows\System32\P17RunE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 20:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 17:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-26 03:35 296056 ----a-w- c:\program files\real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 07:00 90112 ------w- c:\windows\Updreg.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Storage Toolbox]
2005-09-15 02:44 65536 ------w- c:\windows\UMStor\Res.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
2007-02-28 23:50 180224 ------w- c:\program files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:35 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 20:28]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286577877-1167854462-976776892-1000Core.job
- c:\users\fred\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-19 13:11]
.
2012-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286577877-1167854462-976776892-1000UA.job
- c:\users\fred\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-19 13:11]
.
2012-07-02 c:\windows\Tasks\next.job
- c:\programdata\Dimdim\Updater\next.exe [2010-09-15 13:52]
.
2012-07-02 c:\windows\Tasks\User_Feed_Synchronization-{DF351888-2C7F-48D3-8BA2-401173E31F50}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.facebook.com/?ref=hp
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{B54561DB-0BBB-41B4-A814-DF8301FE0A8E} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
SafeBoot-MsMpSvc
MSConfigStartUp-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-03 09:54
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1286577877-1167854462-976776892-1000\Software\SecuROM\License information*]
"datasecu"=hex:7d,f3,83,9b,2a,5c,45,60,4b,f5,6c,ff,03,8d,49,3e,ee,4e,f9,21,74,
ce,f4,39,17,46,6b,93,10,42,d0,f9,57,3b,cd,77,65,bd,b1,0f,47,fd,17,32,cb,52,\
"rkeysecu"=hex:9d,ce,c0,4b,b6,c4,59,4b,91,dd,51,e1,99,a9,81,d0
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-07-03 09:57:59
ComboFix-quarantined-files.txt 2012-07-03 14:57
.
Pre-Run: 42,275,684,352 bytes free
Post-Run: 45,938,610,176 bytes free
.
- - End Of File - - 60DE25445210D95DE6DCFF2FDC357749
  • 0

#7
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-03 09:35:27
-----------------------------
09:35:27.283 OS Version: Windows 6.0.6001 Service Pack 1
09:35:27.283 Number of processors: 1 586 0x5F03
09:35:27.284 ComputerName: FRED-PC UserName: fred
09:35:28.404 Initialize success
09:37:09.466 AVAST engine defs: 12070300
09:37:32.177 The log file has been saved successfully to "C:\Users\fred\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-03 10:15:06
-----------------------------
10:15:06.717 OS Version: Windows 6.0.6001 Service Pack 1
10:15:06.722 Number of processors: 1 586 0x5F03
10:15:06.724 ComputerName: FRED-PC UserName: fred
10:15:07.667 Initialize success
10:17:06.918 AVAST engine defs: 12070300
10:17:44.416 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000050
10:17:44.429 Disk 0 Vendor: Hitachi_ GMBO Size: 152627MB BusType: 3
10:17:44.454 Disk 0 MBR read successfully
10:17:44.466 Disk 0 MBR scan
10:17:44.519 Disk 0 unknown MBR code
10:17:44.542 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
10:17:44.568 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142385 MB offset 20973568
10:17:44.587 Disk 0 scanning sectors +312579760
10:17:44.684 Disk 0 scanning C:\Windows\system32\drivers
10:17:54.951 Service scanning
10:18:23.905 Modules scanning
10:18:30.848 AVAST engine scan C:\Windows
10:18:35.540 AVAST engine scan C:\Windows\system32
10:22:09.795 AVAST engine scan C:\Windows\system32\drivers
10:22:24.010 AVAST engine scan C:\Users\fred
10:38:13.646 AVAST engine scan C:\ProgramData
10:43:17.950 Scan finished successfully
10:47:13.364 Disk 0 MBR has been saved successfully to "C:\Users\fred\Desktop\MBR.dat"
10:47:13.379 The log file has been saved successfully to "C:\Users\fred\Desktop\aswMBR.txt"
  • 0

#8
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
10:49:48.0977 4752 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
10:49:49.0597 4752 ============================================================
10:49:49.0597 4752 Current date / time: 2012/07/03 10:49:49.0597
10:49:49.0597 4752 SystemInfo:
10:49:49.0597 4752
10:49:49.0597 4752 OS Version: 6.0.6001 ServicePack: 1.0
10:49:49.0597 4752 Product type: Workstation
10:49:49.0597 4752 ComputerName: FRED-PC
10:49:49.0597 4752 UserName: fred
10:49:49.0597 4752 Windows directory: C:\Windows
10:49:49.0597 4752 System windows directory: C:\Windows
10:49:49.0597 4752 Processor architecture: Intel x86
10:49:49.0597 4752 Number of processors: 1
10:49:49.0597 4752 Page size: 0x1000
10:49:49.0598 4752 Boot type: Normal boot
10:49:49.0598 4752 ============================================================
10:49:50.0025 4752 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:49:50.0104 4752 ============================================================
10:49:50.0104 4752 \Device\Harddisk0\DR0:
10:49:50.0104 4752 MBR partitions:
10:49:50.0104 4752 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x11618EB0
10:49:50.0104 4752 ============================================================
10:49:50.0145 4752 C: <-> \Device\Harddisk0\DR0\Partition0
10:49:50.0145 4752 ============================================================
10:49:50.0145 4752 Initialize success
10:49:50.0145 4752 ============================================================
10:49:54.0516 7548 ============================================================
10:49:54.0516 7548 Scan started
10:49:54.0516 7548 Mode: Manual;
10:49:54.0516 7548 ============================================================
10:49:55.0666 7548 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
10:49:55.0672 7548 ACPI - ok
10:49:55.0886 7548 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:49:55.0889 7548 AdobeARMservice - ok
10:49:56.0009 7548 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:49:56.0015 7548 AdobeFlashPlayerUpdateSvc - ok
10:49:56.0282 7548 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:49:56.0330 7548 adp94xx - ok
10:49:56.0441 7548 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:49:56.0448 7548 adpahci - ok
10:49:56.0633 7548 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:49:56.0636 7548 adpu160m - ok
10:49:57.0050 7548 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:49:57.0054 7548 adpu320 - ok
10:49:57.0180 7548 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:49:57.0187 7548 AeLookupSvc - ok
10:49:57.0412 7548 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
10:49:57.0419 7548 AFD - ok
10:49:57.0470 7548 AgereModemAudio (8ed60797908fd394eee0d6949f493224) C:\Windows\system32\agrsmsvc.exe
10:49:57.0472 7548 AgereModemAudio - ok
10:49:58.0530 7548 AgereSoftModem (baf68dcba949633df0c16d37af2a2351) C:\Windows\system32\DRIVERS\AGRSM.sys
10:49:58.0602 7548 AgereSoftModem - ok
10:49:58.0915 7548 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:49:58.0947 7548 agp440 - ok
10:49:59.0037 7548 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:49:59.0040 7548 aic78xx - ok
10:49:59.0137 7548 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:49:59.0141 7548 ALG - ok
10:49:59.0182 7548 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:49:59.0184 7548 aliide - ok
10:49:59.0259 7548 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:49:59.0261 7548 amdagp - ok
10:49:59.0289 7548 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:49:59.0291 7548 amdide - ok
10:49:59.0325 7548 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:49:59.0327 7548 AmdK7 - ok
10:49:59.0452 7548 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
10:49:59.0453 7548 AmdK8 - ok
10:49:59.0508 7548 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:49:59.0509 7548 Appinfo - ok
10:49:59.0907 7548 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:49:59.0929 7548 arc - ok
10:49:59.0982 7548 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:49:59.0985 7548 arcsas - ok
10:50:00.0444 7548 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:50:00.0448 7548 aspnet_state - ok
10:50:00.0513 7548 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:50:00.0514 7548 AsyncMac - ok
10:50:00.0553 7548 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
10:50:00.0555 7548 atapi - ok
10:50:00.0644 7548 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
10:50:00.0656 7548 AudioEndpointBuilder - ok
10:50:00.0679 7548 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
10:50:00.0684 7548 Audiosrv - ok
10:50:00.0754 7548 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:50:00.0756 7548 Beep - ok
10:50:00.0819 7548 BFE (d3e6d78285529962349a7f1617035938) C:\Windows\System32\bfe.dll
10:50:00.0827 7548 BFE - ok
10:50:00.0910 7548 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\system32\qmgr.dll
10:50:00.0943 7548 BITS - ok
10:50:00.0996 7548 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:50:00.0998 7548 blbdrive - ok
10:50:01.0186 7548 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
10:50:01.0197 7548 bowser - ok
10:50:01.0303 7548 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:50:01.0318 7548 BrFiltLo - ok
10:50:01.0366 7548 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:50:01.0389 7548 BrFiltUp - ok
10:50:01.0454 7548 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:50:01.0456 7548 Browser - ok
10:50:01.0655 7548 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:50:01.0658 7548 Brserid - ok
10:50:01.0698 7548 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:50:01.0701 7548 BrSerWdm - ok
10:50:01.0739 7548 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:50:01.0741 7548 BrUsbMdm - ok
10:50:01.0798 7548 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:50:01.0799 7548 BrUsbSer - ok
10:50:01.0895 7548 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:50:01.0905 7548 BTHMODEM - ok
10:50:01.0994 7548 catchme - ok
10:50:02.0041 7548 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:50:02.0053 7548 cdfs - ok
10:50:02.0100 7548 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
10:50:02.0103 7548 cdrom - ok
10:50:02.0184 7548 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
10:50:02.0186 7548 CertPropSvc - ok
10:50:02.0224 7548 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:50:02.0226 7548 circlass - ok
10:50:02.0291 7548 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
10:50:02.0297 7548 CLFS - ok
10:50:02.0712 7548 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:50:02.0733 7548 clr_optimization_v2.0.50727_32 - ok
10:50:02.0920 7548 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:50:02.0927 7548 clr_optimization_v4.0.30319_32 - ok
10:50:03.0022 7548 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:50:03.0023 7548 cmdide - ok
10:50:03.0088 7548 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
10:50:03.0090 7548 Compbatt - ok
10:50:03.0114 7548 COMSysApp - ok
10:50:03.0190 7548 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:50:03.0192 7548 crcdisk - ok
10:50:03.0650 7548 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
10:50:03.0653 7548 Creative ALchemy AL6 Licensing Service - ok
10:50:03.0698 7548 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
10:50:03.0701 7548 Creative Audio Engine Licensing Service - ok
10:50:03.0758 7548 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:50:03.0760 7548 Crusoe - ok
10:50:04.0005 7548 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
10:50:04.0009 7548 CryptSvc - ok
10:50:04.0220 7548 CTAudSvcService (69cdba2b9c397e349a04fa70dd9170a2) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
10:50:04.0228 7548 CTAudSvcService - ok
10:50:04.0994 7548 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
10:50:05.0034 7548 DcomLaunch - ok
10:50:05.0121 7548 dfmirage (699ef0fd9ae72b7f5ad756e382c73e0e) C:\Windows\system32\DRIVERS\dfmirage.sys
10:50:05.0126 7548 dfmirage - ok
10:50:05.0217 7548 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
10:50:05.0219 7548 DfsC - ok
10:50:05.0587 7548 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
10:50:05.0660 7548 DFSR - ok
10:50:05.0878 7548 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
10:50:05.0884 7548 Dhcp - ok
10:50:05.0992 7548 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
10:50:05.0994 7548 disk - ok
10:50:06.0095 7548 Dnscache (4805d9a6d281c7a7defd9094dec6af7d) C:\Windows\System32\dnsrslvr.dll
10:50:06.0099 7548 Dnscache - ok
10:50:06.0153 7548 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
10:50:06.0158 7548 dot3svc - ok
10:50:06.0224 7548 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
10:50:06.0228 7548 Dot4 - ok
10:50:06.0254 7548 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:50:06.0256 7548 Dot4Print - ok
10:50:06.0276 7548 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
10:50:06.0277 7548 dot4usb - ok
10:50:06.0308 7548 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:50:06.0311 7548 DPS - ok
10:50:06.0352 7548 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:50:06.0353 7548 drmkaud - ok
10:50:06.0431 7548 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys
10:50:06.0432 7548 DrvAgent32 - ok
10:50:06.0988 7548 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
10:50:07.0012 7548 DXGKrnl - ok
10:50:07.0083 7548 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:50:07.0086 7548 E1G60 - ok
10:50:07.0141 7548 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:50:07.0144 7548 EapHost - ok
10:50:07.0190 7548 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
10:50:07.0194 7548 Ecache - ok
10:50:07.0355 7548 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:50:07.0360 7548 elxstor - ok
10:50:07.0520 7548 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
10:50:07.0527 7548 EMDMgmt - ok
10:50:07.0559 7548 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:50:07.0560 7548 ErrDev - ok
10:50:07.0684 7548 ETService (4d06d9a26227ac485305133916888df1) C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
10:50:07.0685 7548 ETService - ok
10:50:07.0757 7548 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
10:50:07.0763 7548 EventSystem - ok
10:50:07.0807 7548 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
10:50:07.0809 7548 exfat - ok
10:50:07.0836 7548 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
10:50:07.0839 7548 fastfat - ok
10:50:07.0884 7548 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:50:07.0885 7548 fdc - ok
10:50:07.0927 7548 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:50:07.0928 7548 fdPHost - ok
10:50:07.0946 7548 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:50:07.0948 7548 FDResPub - ok
10:50:07.0971 7548 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:50:07.0972 7548 FileInfo - ok
10:50:08.0011 7548 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:50:08.0014 7548 Filetrace - ok
10:50:08.0059 7548 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:50:08.0060 7548 flpydisk - ok
10:50:08.0102 7548 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
10:50:08.0105 7548 FltMgr - ok
10:50:08.0173 7548 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:50:08.0174 7548 FontCache3.0.0.0 - ok
10:50:08.0192 7548 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:50:08.0193 7548 Fs_Rec - ok
10:50:08.0242 7548 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:50:08.0244 7548 gagp30kx - ok
10:50:08.0322 7548 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
10:50:08.0323 7548 GEARAspiWDM - ok
10:50:08.0365 7548 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
10:50:08.0372 7548 gpsvc - ok
10:50:08.0424 7548 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:50:08.0427 7548 HdAudAddService - ok
10:50:08.0449 7548 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:50:08.0449 7548 HDAudBus - ok
10:50:08.0491 7548 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:50:08.0492 7548 HidBth - ok
10:50:08.0514 7548 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:50:08.0515 7548 HidIr - ok
10:50:08.0563 7548 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\System32\hidserv.dll
10:50:08.0565 7548 hidserv - ok
10:50:08.0589 7548 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
10:50:08.0590 7548 HidUsb - ok
10:50:08.0620 7548 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:50:08.0623 7548 hkmsvc - ok
10:50:08.0771 7548 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:50:08.0778 7548 HpCISSs - ok
10:50:09.0032 7548 hpqcxs08 (fcb563b0a23643e5f80b6ff1e60f610f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:50:09.0037 7548 hpqcxs08 - ok
10:50:09.0130 7548 hpqddsvc (25e443e27165c652723a92d9bdfd4649) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:50:09.0132 7548 hpqddsvc - ok
10:50:09.0197 7548 HTTP (33b02459e86d0a2b86a6b9fe19139390) C:\Windows\system32\drivers\HTTP.sys
10:50:09.0203 7548 HTTP - ok
10:50:09.0248 7548 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:50:09.0268 7548 i2omp - ok
10:50:09.0319 7548 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:50:09.0321 7548 i8042prt - ok
10:50:09.0364 7548 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:50:09.0368 7548 iaStorV - ok
10:50:09.0648 7548 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:50:09.0672 7548 idsvc - ok
10:50:09.0738 7548 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:50:09.0741 7548 iirsp - ok
10:50:09.0857 7548 IKEEXT (68e8c415e102e5d79fd7e4a765b8cba4) C:\Windows\System32\ikeext.dll
10:50:09.0888 7548 IKEEXT - ok
10:50:09.0947 7548 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
10:50:09.0949 7548 int15 - ok
10:50:09.0982 7548 IntcAzAudAddService - ok
10:50:10.0056 7548 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:50:10.0058 7548 intelide - ok
10:50:10.0093 7548 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:50:10.0096 7548 intelppm - ok
10:50:10.0146 7548 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:50:10.0153 7548 IPBusEnum - ok
10:50:10.0197 7548 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:50:10.0199 7548 IpFilterDriver - ok
10:50:10.0274 7548 iphlpsvc (6a35d233693edc29a12742049bc5e37f) C:\Windows\System32\iphlpsvc.dll
10:50:10.0281 7548 iphlpsvc - ok
10:50:10.0301 7548 IpInIp - ok
10:50:10.0357 7548 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:50:10.0359 7548 IPMIDRV - ok
10:50:10.0421 7548 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:50:10.0425 7548 IPNAT - ok
10:50:10.0464 7548 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:50:10.0466 7548 IRENUM - ok
10:50:10.0503 7548 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:50:10.0506 7548 isapnp - ok
10:50:10.0562 7548 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
10:50:10.0566 7548 iScsiPrt - ok
10:50:10.0620 7548 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:50:10.0622 7548 iteatapi - ok
10:50:10.0665 7548 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:50:10.0667 7548 iteraid - ok
10:50:10.0707 7548 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:50:10.0709 7548 kbdclass - ok
10:50:10.0769 7548 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
10:50:10.0770 7548 kbdhid - ok
10:50:10.0817 7548 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
10:50:10.0823 7548 KeyIso - ok
10:50:10.0879 7548 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
10:50:10.0885 7548 KSecDD - ok
10:50:10.0926 7548 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:50:10.0933 7548 KtmRm - ok
10:50:10.0992 7548 LanmanServer (1925e63c91cf1610ae41bfd539062079) C:\Windows\System32\srvsvc.dll
10:50:10.0997 7548 LanmanServer - ok
10:50:11.0040 7548 LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll
10:50:11.0045 7548 LanmanWorkstation - ok
10:50:11.0085 7548 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:50:11.0086 7548 lltdio - ok
10:50:11.0129 7548 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:50:11.0134 7548 lltdsvc - ok
10:50:11.0170 7548 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:50:11.0172 7548 lmhosts - ok
10:50:11.0210 7548 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:50:11.0212 7548 LSI_FC - ok
10:50:11.0243 7548 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:50:11.0245 7548 LSI_SAS - ok
10:50:11.0316 7548 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:50:11.0320 7548 LSI_SCSI - ok
10:50:11.0374 7548 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:50:11.0377 7548 luafv - ok
10:50:11.0423 7548 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:50:11.0425 7548 megasas - ok
10:50:11.0487 7548 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:50:11.0496 7548 MegaSR - ok
10:50:11.0550 7548 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:50:11.0556 7548 MMCSS - ok
10:50:11.0582 7548 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:50:11.0583 7548 Modem - ok
10:50:11.0628 7548 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:50:11.0628 7548 monitor - ok
10:50:11.0649 7548 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:50:11.0650 7548 mouclass - ok
10:50:11.0668 7548 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:50:11.0669 7548 mouhid - ok
10:50:11.0689 7548 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:50:11.0691 7548 MountMgr - ok
10:50:11.0738 7548 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:50:11.0740 7548 mpio - ok
10:50:11.0789 7548 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
10:50:11.0790 7548 MpNWMon - ok
10:50:11.0820 7548 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:50:11.0821 7548 mpsdrv - ok
10:50:11.0858 7548 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
10:50:11.0865 7548 MpsSvc - ok
10:50:11.0899 7548 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:50:11.0901 7548 Mraid35x - ok
10:50:11.0929 7548 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
10:50:11.0931 7548 MRxDAV - ok
10:50:11.0980 7548 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:50:11.0982 7548 mrxsmb - ok
10:50:12.0035 7548 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:50:12.0039 7548 mrxsmb10 - ok
10:50:12.0066 7548 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:50:12.0068 7548 mrxsmb20 - ok
10:50:12.0115 7548 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:50:12.0116 7548 msahci - ok
10:50:12.0148 7548 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:50:12.0150 7548 msdsm - ok
10:50:12.0211 7548 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:50:12.0218 7548 MSDTC - ok
10:50:12.0279 7548 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:50:12.0281 7548 Msfs - ok
10:50:12.0325 7548 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:50:12.0326 7548 msisadrv - ok
10:50:12.0382 7548 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:50:12.0387 7548 MSiSCSI - ok
10:50:12.0418 7548 msiserver - ok
10:50:12.0482 7548 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:50:12.0483 7548 MSKSSRV - ok
10:50:12.0499 7548 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:50:12.0502 7548 MSPCLOCK - ok
10:50:12.0515 7548 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:50:12.0516 7548 MSPQM - ok
10:50:12.0547 7548 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
10:50:12.0551 7548 MsRPC - ok
10:50:12.0574 7548 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:50:12.0575 7548 mssmbios - ok
10:50:12.0603 7548 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:50:12.0605 7548 MSTEE - ok
10:50:12.0653 7548 msvad_simple (00c7b2306f1ca5389a1ac6d1df9c2e25) C:\Windows\system32\drivers\povrtdev.sys
10:50:12.0654 7548 msvad_simple - ok
10:50:12.0681 7548 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
10:50:12.0683 7548 Mup - ok
10:50:12.0726 7548 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
10:50:12.0732 7548 napagent - ok
10:50:12.0781 7548 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
10:50:12.0784 7548 NativeWifiP - ok
10:50:12.0832 7548 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
10:50:12.0840 7548 NDIS - ok
10:50:12.0864 7548 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:50:12.0865 7548 NdisTapi - ok
10:50:12.0885 7548 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:50:12.0886 7548 Ndisuio - ok
10:50:12.0905 7548 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
10:50:12.0908 7548 NdisWan - ok
10:50:12.0928 7548 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:50:12.0930 7548 NDProxy - ok
10:50:12.0984 7548 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
10:50:12.0986 7548 Net Driver HPZ12 - ok
10:50:13.0031 7548 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:50:13.0032 7548 NetBIOS - ok
10:50:13.0061 7548 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
10:50:13.0064 7548 netbt - ok
10:50:13.0100 7548 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
10:50:13.0102 7548 Netlogon - ok
10:50:13.0142 7548 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:50:13.0148 7548 Netman - ok
10:50:13.0245 7548 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:50:13.0248 7548 NetMsmqActivator - ok
10:50:13.0260 7548 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:50:13.0262 7548 NetPipeActivator - ok
10:50:13.0305 7548 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:50:13.0310 7548 netprofm - ok
10:50:13.0321 7548 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:50:13.0323 7548 NetTcpActivator - ok
10:50:13.0335 7548 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:50:13.0337 7548 NetTcpPortSharing - ok
10:50:13.0390 7548 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:50:13.0391 7548 nfrd960 - ok
10:50:13.0452 7548 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:50:13.0455 7548 NisDrv - ok
10:50:13.0525 7548 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
10:50:13.0529 7548 NisSrv - ok
10:50:13.0578 7548 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:50:13.0585 7548 NlaSvc - ok
10:50:13.0614 7548 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
10:50:13.0617 7548 Npfs - ok
10:50:13.0646 7548 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:50:13.0651 7548 nsi - ok
10:50:13.0676 7548 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:50:13.0678 7548 nsiproxy - ok
10:50:13.0774 7548 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
10:50:13.0788 7548 Ntfs - ok
10:50:13.0825 7548 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:50:13.0826 7548 ntrigdigi - ok
10:50:13.0861 7548 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:50:13.0862 7548 Null - ok
10:50:13.0922 7548 NVENETFD (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
10:50:13.0927 7548 NVENETFD - ok
10:50:14.0373 7548 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:50:14.0673 7548 nvlddmkm - ok
10:50:14.0806 7548 NVNET (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
10:50:14.0808 7548 NVNET - ok
10:50:14.0846 7548 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:50:14.0847 7548 nvraid - ok
10:50:14.0871 7548 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:50:14.0872 7548 nvstor - ok
10:50:14.0921 7548 nvstor32 (8ee374b6fb3cb2bb8d70395218b464a5) C:\Windows\system32\DRIVERS\nvstor32.sys
10:50:14.0923 7548 nvstor32 - ok
10:50:14.0994 7548 nvsvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe
10:50:15.0007 7548 nvsvc - ok
10:50:15.0153 7548 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:50:15.0168 7548 nvUpdatusService - ok
10:50:15.0298 7548 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:50:15.0300 7548 nv_agp - ok
10:50:15.0311 7548 NwlnkFlt - ok
10:50:15.0320 7548 NwlnkFwd - ok
10:50:15.0421 7548 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:50:15.0427 7548 odserv - ok
10:50:15.0453 7548 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:50:15.0455 7548 ohci1394 - ok
10:50:15.0501 7548 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:50:15.0503 7548 ose - ok
10:50:15.0633 7548 P17 (f2519d547a6ac2afe0df0dc826a085a7) C:\Windows\system32\drivers\P17.sys
10:50:15.0649 7548 P17 - ok
10:50:15.0697 7548 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
10:50:15.0708 7548 p2pimsvc - ok
10:50:15.0725 7548 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
10:50:15.0732 7548 p2psvc - ok
10:50:15.0801 7548 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:50:15.0803 7548 Parport - ok
10:50:15.0840 7548 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
10:50:15.0841 7548 partmgr - ok
10:50:15.0873 7548 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:50:15.0874 7548 Parvdm - ok
10:50:15.0906 7548 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:50:15.0909 7548 PcaSvc - ok
10:50:15.0943 7548 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
10:50:15.0946 7548 pci - ok
10:50:15.0983 7548 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
10:50:15.0984 7548 pciide - ok
10:50:16.0029 7548 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:50:16.0032 7548 pcmcia - ok
10:50:16.0131 7548 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:50:16.0149 7548 PEAUTH - ok
10:50:16.0259 7548 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:50:16.0286 7548 pla - ok
10:50:16.0385 7548 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
10:50:16.0391 7548 PlugPlay - ok
10:50:16.0438 7548 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
10:50:16.0440 7548 Pml Driver HPZ12 - ok
10:50:16.0507 7548 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
10:50:16.0514 7548 PNRPAutoReg - ok
10:50:16.0535 7548 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
10:50:16.0544 7548 PNRPsvc - ok
10:50:16.0601 7548 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
10:50:16.0607 7548 PolicyAgent - ok
10:50:16.0668 7548 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:50:16.0670 7548 PptpMiniport - ok
10:50:16.0706 7548 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:50:16.0707 7548 Processor - ok
10:50:16.0756 7548 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
10:50:16.0760 7548 ProfSvc - ok
10:50:16.0800 7548 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
10:50:16.0804 7548 ProtectedStorage - ok
10:50:16.0869 7548 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
10:50:16.0871 7548 PSched - ok
10:50:16.0984 7548 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:50:17.0006 7548 ql2300 - ok
10:50:17.0047 7548 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:50:17.0050 7548 ql40xx - ok
10:50:17.0127 7548 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:50:17.0132 7548 QWAVE - ok
10:50:17.0151 7548 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:50:17.0152 7548 QWAVEdrv - ok
10:50:17.0171 7548 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:50:17.0172 7548 RasAcd - ok
10:50:17.0190 7548 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:50:17.0194 7548 RasAuto - ok
10:50:17.0215 7548 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:50:17.0217 7548 Rasl2tp - ok
10:50:17.0242 7548 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
10:50:17.0247 7548 RasMan - ok
10:50:17.0281 7548 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
10:50:17.0282 7548 RasPppoe - ok
10:50:17.0303 7548 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
10:50:17.0305 7548 RasSstp - ok
10:50:17.0329 7548 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
10:50:17.0332 7548 rdbss - ok
10:50:17.0354 7548 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:50:17.0354 7548 RDPCDD - ok
10:50:17.0389 7548 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:50:17.0392 7548 rdpdr - ok
10:50:17.0403 7548 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:50:17.0404 7548 RDPENCDD - ok
10:50:17.0449 7548 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
10:50:17.0452 7548 RDPWD - ok
10:50:17.0547 7548 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:50:17.0550 7548 RemoteAccess - ok
10:50:17.0582 7548 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
10:50:17.0585 7548 RemoteRegistry - ok
10:50:17.0605 7548 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:50:17.0607 7548 RpcLocator - ok
10:50:17.0669 7548 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\System32\rpcss.dll
10:50:17.0675 7548 RpcSs - ok
10:50:17.0723 7548 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:50:17.0725 7548 rspndr - ok
10:50:17.0746 7548 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
10:50:17.0748 7548 SamSs - ok
10:50:17.0782 7548 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:50:17.0783 7548 sbp2port - ok
10:50:17.0836 7548 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
10:50:17.0839 7548 SCardSvr - ok
10:50:17.0888 7548 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
10:50:17.0898 7548 Schedule - ok
10:50:17.0932 7548 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
10:50:17.0933 7548 SCPolicySvc - ok
10:50:17.0951 7548 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:50:17.0956 7548 SDRSVC - ok
10:50:17.0985 7548 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:50:17.0987 7548 secdrv - ok
10:50:18.0041 7548 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:50:18.0045 7548 seclogon - ok
10:50:18.0098 7548 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
10:50:18.0102 7548 SENS - ok
10:50:18.0154 7548 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:50:18.0155 7548 Serenum - ok
10:50:18.0196 7548 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:50:18.0198 7548 Serial - ok
10:50:18.0225 7548 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:50:18.0226 7548 sermouse - ok
10:50:18.0278 7548 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:50:18.0282 7548 SessionEnv - ok
10:50:18.0311 7548 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:50:18.0312 7548 sffdisk - ok
10:50:18.0376 7548 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:50:18.0377 7548 sffp_mmc - ok
10:50:18.0403 7548 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:50:18.0405 7548 sffp_sd - ok
10:50:18.0445 7548 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:50:18.0447 7548 sfloppy - ok
10:50:18.0517 7548 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:50:18.0526 7548 SharedAccess - ok
10:50:18.0600 7548 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
10:50:18.0610 7548 ShellHWDetection - ok
10:50:18.0663 7548 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:50:18.0665 7548 sisagp - ok
10:50:18.0706 7548 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:50:18.0708 7548 SiSRaid2 - ok
10:50:18.0742 7548 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:50:18.0745 7548 SiSRaid4 - ok
10:50:18.0910 7548 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
10:50:18.0971 7548 slsvc - ok
10:50:19.0108 7548 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
10:50:19.0112 7548 SLUINotify - ok
10:50:19.0185 7548 SmartDefragDriver - ok
10:50:19.0269 7548 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
10:50:19.0272 7548 Smb - ok
10:50:19.0336 7548 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:50:19.0342 7548 SNMPTRAP - ok
10:50:19.0370 7548 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:50:19.0372 7548 spldr - ok
10:50:19.0437 7548 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
10:50:19.0441 7548 Spooler - ok
10:50:19.0496 7548 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
10:50:19.0500 7548 srv - ok
10:50:19.0546 7548 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
10:50:19.0549 7548 srv2 - ok
10:50:19.0569 7548 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
10:50:19.0571 7548 srvnet - ok
10:50:19.0606 7548 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:50:19.0611 7548 SSDPSRV - ok
10:50:19.0630 7548 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:50:19.0634 7548 SstpSvc - ok
10:50:19.0692 7548 Steam Client Service - ok
10:50:19.0729 7548 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
10:50:19.0738 7548 stisvc - ok
10:50:19.0767 7548 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:50:19.0768 7548 swenum - ok
10:50:19.0810 7548 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
10:50:19.0818 7548 swprv - ok
10:50:19.0889 7548 sxuptp (86083b04dc2b90397f4b47add6eaa407) C:\Windows\system32\DRIVERS\sxuptp.sys
10:50:19.0893 7548 sxuptp - ok
10:50:19.0923 7548 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:50:19.0924 7548 Symc8xx - ok
10:50:19.0954 7548 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:50:19.0956 7548 Sym_hi - ok
10:50:20.0013 7548 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:50:20.0016 7548 Sym_u3 - ok
10:50:20.0093 7548 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
10:50:20.0110 7548 SysMain - ok
10:50:20.0149 7548 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:50:20.0157 7548 TabletInputService - ok
10:50:20.0215 7548 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
10:50:20.0225 7548 TapiSrv - ok
10:50:20.0257 7548 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:50:20.0264 7548 TBS - ok
10:50:20.0315 7548 Tcpip (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
10:50:20.0325 7548 Tcpip - ok
10:50:20.0342 7548 Tcpip6 (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
10:50:20.0348 7548 Tcpip6 - ok
10:50:20.0378 7548 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
10:50:20.0379 7548 tcpipreg - ok
10:50:20.0411 7548 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:50:20.0412 7548 TDPIPE - ok
10:50:20.0432 7548 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:50:20.0433 7548 TDTCP - ok
10:50:20.0476 7548 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
10:50:20.0478 7548 tdx - ok
10:50:20.0493 7548 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
10:50:20.0494 7548 TermDD - ok
10:50:20.0539 7548 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
10:50:20.0547 7548 TermService - ok
10:50:20.0605 7548 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
10:50:20.0609 7548 Themes - ok
10:50:20.0640 7548 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:50:20.0642 7548 THREADORDER - ok
10:50:20.0680 7548 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:50:20.0683 7548 TrkWks - ok
10:50:20.0742 7548 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
10:50:20.0744 7548 TrustedInstaller - ok
10:50:20.0797 7548 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:50:20.0798 7548 tssecsrv - ok
10:50:20.0830 7548 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:50:20.0831 7548 tunmp - ok
10:50:20.0877 7548 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
10:50:20.0878 7548 tunnel - ok
10:50:20.0909 7548 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:50:20.0911 7548 uagp35 - ok
10:50:20.0951 7548 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
10:50:20.0955 7548 udfs - ok
10:50:20.0992 7548 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:50:20.0995 7548 UI0Detect - ok
10:50:21.0048 7548 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:50:21.0049 7548 uliagpkx - ok
10:50:21.0081 7548 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:50:21.0085 7548 uliahci - ok
10:50:21.0108 7548 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:50:21.0110 7548 UlSata - ok
10:50:21.0132 7548 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:50:21.0134 7548 ulsata2 - ok
10:50:21.0165 7548 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:50:21.0166 7548 umbus - ok
10:50:21.0196 7548 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:50:21.0203 7548 upnphost - ok
10:50:21.0233 7548 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:50:21.0235 7548 usbccgp - ok
10:50:21.0284 7548 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:50:21.0286 7548 usbcir - ok
10:50:21.0328 7548 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
10:50:21.0329 7548 usbehci - ok
10:50:21.0358 7548 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
10:50:21.0361 7548 usbhub - ok
10:50:21.0381 7548 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
10:50:21.0382 7548 usbohci - ok
10:50:21.0416 7548 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:50:21.0417 7548 usbprint - ok
10:50:21.0475 7548 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:50:21.0477 7548 usbscan - ok
10:50:21.0538 7548 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:50:21.0540 7548 USBSTOR - ok
10:50:21.0584 7548 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:50:21.0585 7548 usbuhci - ok
10:50:21.0633 7548 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
10:50:21.0636 7548 UxSms - ok
10:50:21.0668 7548 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
10:50:21.0676 7548 vds - ok
10:50:21.0703 7548 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:50:21.0704 7548 vga - ok
10:50:21.0737 7548 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:50:21.0739 7548 VgaSave - ok
10:50:21.0781 7548 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:50:21.0783 7548 viaagp - ok
10:50:21.0816 7548 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:50:21.0817 7548 ViaC7 - ok
10:50:21.0847 7548 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:50:21.0849 7548 viaide - ok
10:50:21.0882 7548 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:50:21.0884 7548 volmgr - ok
10:50:21.0914 7548 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
10:50:21.0919 7548 volmgrx - ok
10:50:21.0947 7548 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
10:50:21.0951 7548 volsnap - ok
10:50:21.0986 7548 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:50:21.0988 7548 vsmraid - ok
10:50:22.0066 7548 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
10:50:22.0083 7548 VSS - ok
10:50:22.0144 7548 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
10:50:22.0151 7548 W32Time - ok
10:50:22.0217 7548 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:50:22.0218 7548 WacomPen - ok
10:50:22.0256 7548 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:50:22.0262 7548 Wanarp - ok
10:50:22.0273 7548 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:50:22.0274 7548 Wanarpv6 - ok
10:50:22.0317 7548 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
10:50:22.0326 7548 wcncsvc - ok
10:50:22.0350 7548 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:50:22.0354 7548 WcsPlugInService - ok
10:50:22.0388 7548 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:50:22.0389 7548 Wd - ok
10:50:22.0438 7548 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:50:22.0445 7548 Wdf01000 - ok
10:50:22.0475 7548 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:50:22.0480 7548 WdiServiceHost - ok
10:50:22.0489 7548 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:50:22.0493 7548 WdiSystemHost - ok
10:50:22.0523 7548 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
10:50:22.0530 7548 WebClient - ok
10:50:22.0588 7548 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
10:50:22.0593 7548 Wecsvc - ok
10:50:22.0626 7548 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:50:22.0632 7548 wercplsupport - ok
10:50:22.0680 7548 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
10:50:22.0684 7548 WerSvc - ok
10:50:22.0771 7548 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:50:22.0787 7548 WinDefend - ok
10:50:22.0826 7548 WinHttpAutoProxySvc - ok
10:50:22.0893 7548 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
10:50:22.0898 7548 Winmgmt - ok
10:50:23.0001 7548 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
10:50:23.0030 7548 WinRM - ok
10:50:23.0127 7548 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
10:50:23.0136 7548 Wlansvc - ok
10:50:23.0279 7548 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:50:23.0296 7548 wlidsvc - ok
10:50:23.0422 7548 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
10:50:23.0423 7548 WmiAcpi - ok
10:50:23.0503 7548 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
10:50:23.0506 7548 wmiApSrv - ok
10:50:23.0619 7548 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:50:23.0630 7548 WMPNetworkSvc - ok
10:50:23.0666 7548 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
10:50:23.0671 7548 WPCSvc - ok
10:50:23.0690 7548 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
10:50:23.0695 7548 WPDBusEnum - ok
10:50:23.0770 7548 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
10:50:23.0772 7548 WpdUsb - ok
10:50:23.0895 7548 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:50:23.0904 7548 WPFFontCache_v0400 - ok
10:50:23.0951 7548 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:50:23.0952 7548 ws2ifsl - ok
10:50:24.0032 7548 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\system32\wscsvc.dll
10:50:24.0036 7548 wscsvc - ok
10:50:24.0049 7548 WSearch - ok
10:50:24.0180 7548 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
10:50:24.0208 7548 wuauserv - ok
10:50:24.0345 7548 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:50:24.0347 7548 WUDFRd - ok
10:50:24.0389 7548 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:50:24.0396 7548 wudfsvc - ok
10:50:24.0463 7548 MBR (0x1B8) (3f52334f255df9dc66b0111a308bfa16) \Device\Harddisk0\DR0
10:50:27.0304 7548 \Device\Harddisk0\DR0 - ok
10:50:27.0312 7548 Boot (0x1200) (511cc90714189d8c057ba05c206eed02) \Device\Harddisk0\DR0\Partition0
10:50:27.0313 7548 \Device\Harddisk0\DR0\Partition0 - ok
10:50:27.0317 7548 ============================================================
10:50:27.0317 7548 Scan finished
10:50:27.0317 7548 ============================================================
10:50:27.0332 0900 Detected object count: 0
10:50:27.0333 0900 Actual detected object count: 0
11:32:35.0644 6708 ============================================================
11:32:35.0644 6708 Scan started
11:32:35.0644 6708 Mode: Manual;
11:32:35.0644 6708 ============================================================
11:32:35.0872 6708 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
11:32:35.0874 6708 ACPI - ok
11:32:35.0991 6708 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:32:35.0991 6708 AdobeARMservice - ok
11:32:36.0062 6708 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:32:36.0064 6708 AdobeFlashPlayerUpdateSvc - ok
11:32:36.0121 6708 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
11:32:36.0125 6708 adp94xx - ok
11:32:36.0161 6708 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
11:32:36.0164 6708 adpahci - ok
11:32:36.0189 6708 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
11:32:36.0193 6708 adpu160m - ok
11:32:36.0216 6708 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
11:32:36.0217 6708 adpu320 - ok
11:32:36.0261 6708 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
11:32:36.0262 6708 AeLookupSvc - ok
11:32:36.0330 6708 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
11:32:36.0332 6708 AFD - ok
11:32:36.0368 6708 AgereModemAudio (8ed60797908fd394eee0d6949f493224) C:\Windows\system32\agrsmsvc.exe
11:32:36.0369 6708 AgereModemAudio - ok
11:32:36.0450 6708 AgereSoftModem (baf68dcba949633df0c16d37af2a2351) C:\Windows\system32\DRIVERS\AGRSM.sys
11:32:36.0460 6708 AgereSoftModem - ok
11:32:36.0522 6708 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
11:32:36.0523 6708 agp440 - ok
11:32:36.0576 6708 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:32:36.0577 6708 aic78xx - ok
11:32:36.0632 6708 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
11:32:36.0633 6708 ALG - ok
11:32:36.0702 6708 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
11:32:36.0703 6708 aliide - ok
11:32:36.0731 6708 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
11:32:36.0732 6708 amdagp - ok
11:32:36.0760 6708 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
11:32:36.0760 6708 amdide - ok
11:32:36.0782 6708 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
11:32:36.0782 6708 AmdK7 - ok
11:32:36.0835 6708 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
11:32:36.0835 6708 AmdK8 - ok
11:32:36.0864 6708 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
11:32:36.0865 6708 Appinfo - ok
11:32:36.0923 6708 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
11:32:36.0924 6708 arc - ok
11:32:36.0946 6708 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
11:32:36.0949 6708 arcsas - ok
11:32:37.0066 6708 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:32:37.0067 6708 aspnet_state - ok
11:32:37.0099 6708 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:32:37.0100 6708 AsyncMac - ok
11:32:37.0135 6708 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
11:32:37.0136 6708 atapi - ok
11:32:37.0194 6708 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
11:32:37.0200 6708 AudioEndpointBuilder - ok
11:32:37.0228 6708 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
11:32:37.0235 6708 Audiosrv - ok
11:32:37.0288 6708 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:32:37.0289 6708 Beep - ok
11:32:37.0336 6708 BFE (d3e6d78285529962349a7f1617035938) C:\Windows\System32\bfe.dll
11:32:37.0338 6708 BFE - ok
11:32:37.0391 6708 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\system32\qmgr.dll
11:32:37.0398 6708 BITS - ok
11:32:37.0430 6708 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
11:32:37.0430 6708 blbdrive - ok
11:32:37.0469 6708 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
11:32:37.0470 6708 bowser - ok
11:32:37.0508 6708 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:32:37.0508 6708 BrFiltLo - ok
11:32:37.0548 6708 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:32:37.0549 6708 BrFiltUp - ok
11:32:37.0593 6708 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
11:32:37.0594 6708 Browser - ok
11:32:37.0627 6708 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:32:37.0628 6708 Brserid - ok
11:32:37.0654 6708 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:32:37.0655 6708 BrSerWdm - ok
11:32:37.0682 6708 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:32:37.0682 6708 BrUsbMdm - ok
11:32:37.0706 6708 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:32:37.0707 6708 BrUsbSer - ok
11:32:37.0761 6708 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
11:32:37.0761 6708 BTHMODEM - ok
11:32:37.0840 6708 catchme - ok
11:32:37.0863 6708 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:32:37.0864 6708 cdfs - ok
11:32:37.0881 6708 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
11:32:37.0882 6708 cdrom - ok
11:32:37.0917 6708 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
11:32:37.0918 6708 CertPropSvc - ok
11:32:37.0947 6708 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
11:32:37.0948 6708 circlass - ok
11:32:37.0982 6708 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
11:32:37.0985 6708 CLFS - ok
11:32:38.0052 6708 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:32:38.0054 6708 clr_optimization_v2.0.50727_32 - ok
11:32:38.0123 6708 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:32:38.0125 6708 clr_optimization_v4.0.30319_32 - ok
11:32:38.0171 6708 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
11:32:38.0171 6708 cmdide - ok
11:32:38.0209 6708 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
11:32:38.0209 6708 Compbatt - ok
11:32:38.0224 6708 COMSysApp - ok
11:32:38.0253 6708 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
11:32:38.0254 6708 crcdisk - ok
11:32:38.0373 6708 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
11:32:38.0374 6708 Creative ALchemy AL6 Licensing Service - ok
11:32:38.0413 6708 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
11:32:38.0414 6708 Creative Audio Engine Licensing Service - ok
11:32:38.0456 6708 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
11:32:38.0457 6708 Crusoe - ok
11:32:38.0538 6708 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
11:32:38.0541 6708 CryptSvc - ok
11:32:38.0659 6708 CTAudSvcService (69cdba2b9c397e349a04fa70dd9170a2) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
11:32:38.0665 6708 CTAudSvcService - ok
11:32:38.0760 6708 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
11:32:38.0773 6708 DcomLaunch - ok
11:32:38.0820 6708 dfmirage (699ef0fd9ae72b7f5ad756e382c73e0e) C:\Windows\system32\DRIVERS\dfmirage.sys
11:32:38.0821 6708 dfmirage - ok
11:32:38.0875 6708 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
11:32:38.0877 6708 DfsC - ok
11:32:39.0010 6708 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
11:32:39.0029 6708 DFSR - ok
11:32:39.0138 6708 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
11:32:39.0140 6708 Dhcp - ok
11:32:39.0192 6708 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
11:32:39.0192 6708 disk - ok
11:32:39.0237 6708 Dnscache (4805d9a6d281c7a7defd9094dec6af7d) C:\Windows\System32\dnsrslvr.dll
11:32:39.0239 6708 Dnscache - ok
11:32:39.0260 6708 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
11:32:39.0262 6708 dot3svc - ok
11:32:39.0297 6708 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
11:32:39.0298 6708 Dot4 - ok
11:32:39.0328 6708 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:32:39.0329 6708 Dot4Print - ok
11:32:39.0350 6708 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
11:32:39.0351 6708 dot4usb - ok
11:32:39.0376 6708 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
11:32:39.0378 6708 DPS - ok
11:32:39.0409 6708 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
11:32:39.0410 6708 drmkaud - ok
11:32:39.0447 6708 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys
11:32:39.0447 6708 DrvAgent32 - ok
11:32:39.0508 6708 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
11:32:39.0513 6708 DXGKrnl - ok
11:32:39.0547 6708 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
11:32:39.0548 6708 E1G60 - ok
11:32:39.0578 6708 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
11:32:39.0579 6708 EapHost - ok
11:32:39.0603 6708 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
11:32:39.0605 6708 Ecache - ok
11:32:39.0669 6708 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
11:32:39.0671 6708 elxstor - ok
11:32:39.0769 6708 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
11:32:39.0775 6708 EMDMgmt - ok
11:32:39.0826 6708 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
11:32:39.0826 6708 ErrDev - ok
11:32:39.0950 6708 ETService (4d06d9a26227ac485305133916888df1) C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
11:32:39.0950 6708 ETService - ok
11:32:40.0010 6708 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
11:32:40.0012 6708 EventSystem - ok
11:32:40.0064 6708 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
11:32:40.0065 6708 exfat - ok
11:32:40.0093 6708 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
11:32:40.0095 6708 fastfat - ok
11:32:40.0124 6708 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
11:32:40.0125 6708 fdc - ok
11:32:40.0167 6708 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
11:32:40.0169 6708 fdPHost - ok
11:32:40.0187 6708 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
11:32:40.0190 6708 FDResPub - ok
11:32:40.0210 6708 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
11:32:40.0211 6708 FileInfo - ok
11:32:40.0243 6708 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
11:32:40.0245 6708 Filetrace - ok
11:32:40.0274 6708 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
11:32:40.0275 6708 flpydisk - ok
11:32:40.0318 6708 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
11:32:40.0319 6708 FltMgr - ok
11:32:40.0421 6708 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:32:40.0422 6708 FontCache3.0.0.0 - ok
11:32:40.0468 6708 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
11:32:40.0468 6708 Fs_Rec - ok
11:32:40.0516 6708 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
11:32:40.0517 6708 gagp30kx - ok
11:32:40.0596 6708 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
11:32:40.0596 6708 GEARAspiWDM - ok
11:32:40.0704 6708 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
11:32:40.0709 6708 gpsvc - ok
11:32:40.0772 6708 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
11:32:40.0773 6708 HdAudAddService - ok
11:32:40.0831 6708 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:32:40.0832 6708 HDAudBus - ok
11:32:40.0882 6708 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
11:32:40.0882 6708 HidBth - ok
11:32:40.0925 6708 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
11:32:40.0926 6708 HidIr - ok
11:32:41.0012 6708 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\System32\hidserv.dll
11:32:41.0013 6708 hidserv - ok
11:32:41.0030 6708 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
11:32:41.0031 6708 HidUsb - ok
11:32:41.0061 6708 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
11:32:41.0063 6708 hkmsvc - ok
11:32:41.0223 6708 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
11:32:41.0223 6708 HpCISSs - ok
11:32:41.0475 6708 hpqcxs08 (fcb563b0a23643e5f80b6ff1e60f610f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
11:32:41.0476 6708 hpqcxs08 - ok
11:32:41.0504 6708 hpqddsvc (25e443e27165c652723a92d9bdfd4649) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
11:32:41.0506 6708 hpqddsvc - ok
11:32:41.0586 6708 HTTP (33b02459e86d0a2b86a6b9fe19139390) C:\Windows\system32\drivers\HTTP.sys
11:32:41.0589 6708 HTTP - ok
11:32:41.0630 6708 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
11:32:41.0631 6708 i2omp - ok
11:32:41.0667 6708 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
11:32:41.0667 6708 i8042prt - ok
11:32:41.0704 6708 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
11:32:41.0706 6708 iaStorV - ok
11:32:41.0809 6708 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:32:41.0816 6708 idsvc - ok
11:32:41.0871 6708 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
11:32:41.0871 6708 iirsp - ok
11:32:41.0926 6708 IKEEXT (68e8c415e102e5d79fd7e4a765b8cba4) C:\Windows\System32\ikeext.dll
11:32:41.0931 6708 IKEEXT - ok
11:32:41.0972 6708 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
11:32:41.0972 6708 int15 - ok
11:32:41.0983 6708 IntcAzAudAddService - ok
11:32:42.0014 6708 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
11:32:42.0014 6708 intelide - ok
11:32:42.0040 6708 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
11:32:42.0041 6708 intelppm - ok
11:32:42.0086 6708 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
11:32:42.0089 6708 IPBusEnum - ok
11:32:42.0129 6708 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:32:42.0130 6708 IpFilterDriver - ok
11:32:42.0180 6708 iphlpsvc (6a35d233693edc29a12742049bc5e37f) C:\Windows\System32\iphlpsvc.dll
11:32:42.0183 6708 iphlpsvc - ok
11:32:42.0196 6708 IpInIp - ok
11:32:42.0230 6708 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
11:32:42.0231 6708 IPMIDRV - ok
11:32:42.0267 6708 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
11:32:42.0268 6708 IPNAT - ok
11:32:42.0288 6708 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
11:32:42.0288 6708 IRENUM - ok
11:32:42.0317 6708 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
11:32:42.0318 6708 isapnp - ok
11:32:42.0358 6708 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
11:32:42.0360 6708 iScsiPrt - ok
11:32:42.0402 6708 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
11:32:42.0402 6708 iteatapi - ok
11:32:42.0423 6708 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
11:32:42.0423 6708 iteraid - ok
11:32:42.0455 6708 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
11:32:42.0456 6708 kbdclass - ok
11:32:42.0485 6708 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
11:32:42.0485 6708 kbdhid - ok
11:32:42.0533 6708 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:32:42.0535 6708 KeyIso - ok
11:32:42.0560 6708 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
11:32:42.0563 6708 KSecDD - ok
11:32:42.0600 6708 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
11:32:42.0603 6708 KtmRm - ok
11:32:42.0836 6708 LanmanServer (1925e63c91cf1610ae41bfd539062079) C:\Windows\System32\srvsvc.dll
11:32:42.0839 6708 LanmanServer - ok
11:32:43.0420 6708 LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll
11:32:43.0425 6708 LanmanWorkstation - ok
11:32:43.0459 6708 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
11:32:43.0461 6708 lltdio - ok
11:32:43.0504 6708 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
11:32:43.0507 6708 lltdsvc - ok
11:32:43.0536 6708 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
11:32:43.0538 6708 lmhosts - ok
11:32:43.0576 6708 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
11:32:43.0577 6708 LSI_FC - ok
11:32:43.0609 6708 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
11:32:43.0610 6708 LSI_SAS - ok
11:32:43.0911 6708 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
11:32:43.0913 6708 LSI_SCSI - ok
11:32:44.0008 6708 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
11:32:44.0010 6708 luafv - ok
11:32:44.0205 6708 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
11:32:44.0206 6708 megasas - ok
11:32:44.0551 6708 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
11:32:44.0558 6708 MegaSR - ok
11:32:44.0749 6708 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:32:44.0753 6708 MMCSS - ok
11:32:44.0897 6708 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
11:32:44.0899 6708 Modem - ok
11:32:44.0974 6708 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
11:32:44.0976 6708 monitor - ok
11:32:45.0047 6708 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
11:32:45.0048 6708 mouclass - ok
11:32:45.0120 6708 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
11:32:45.0121 6708 mouhid - ok
11:32:45.0222 6708 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
11:32:45.0224 6708 MountMgr - ok
11:32:45.0425 6708 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
11:32:45.0427 6708 mpio - ok
11:32:45.0528 6708 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
11:32:45.0530 6708 MpNWMon - ok
11:32:45.0710 6708 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
11:32:45.0711 6708 mpsdrv - ok
11:32:46.0236 6708 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
11:32:46.0245 6708 MpsSvc - ok
11:32:46.0310 6708 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
11:32:46.0311 6708 Mraid35x - ok
11:32:46.0407 6708 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
11:32:46.0410 6708 MRxDAV - ok
11:32:46.0485 6708 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:32:46.0487 6708 mrxsmb - ok
11:32:46.0578 6708 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:32:46.0584 6708 mrxsmb10 - ok
11:32:46.0642 6708 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:32:46.0645 6708 mrxsmb20 - ok
11:32:46.0705 6708 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
11:32:46.0707 6708 msahci - ok
11:32:46.0756 6708 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
11:32:46.0759 6708 msdsm - ok
11:32:46.0827 6708 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
11:32:46.0833 6708 MSDTC - ok
11:32:46.0895 6708 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
11:32:46.0897 6708 Msfs - ok
11:32:46.0915 6708 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
11:32:46.0918 6708 msisadrv - ok
11:32:46.0963 6708 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
11:32:46.0967 6708 MSiSCSI - ok
11:32:46.0980 6708 msiserver - ok
11:32:47.0031 6708 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
11:32:47.0032 6708 MSKSSRV - ok
11:32:47.0050 6708 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
11:32:47.0052 6708 MSPCLOCK - ok
11:32:47.0065 6708 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
11:32:47.0066 6708 MSPQM - ok
11:32:47.0099 6708 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
11:32:47.0102 6708 MsRPC - ok
11:32:47.0140 6708 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
11:32:47.0140 6708 mssmbios - ok
11:32:47.0169 6708 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
11:32:47.0170 6708 MSTEE - ok
11:32:47.0201 6708 msvad_simple (00c7b2306f1ca5389a1ac6d1df9c2e25) C:\Windows\system32\drivers\povrtdev.sys
11:32:47.0202 6708 msvad_simple - ok
11:32:47.0227 6708 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
11:32:47.0228 6708 Mup - ok
11:32:47.0264 6708 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
11:32:47.0270 6708 napagent - ok
11:32:47.0322 6708 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
11:32:47.0325 6708 NativeWifiP - ok
11:32:47.0371 6708 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
11:32:47.0376 6708 NDIS - ok
11:32:47.0395 6708 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
11:32:47.0397 6708 NdisTapi - ok
11:32:47.0417 6708 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
11:32:47.0418 6708 Ndisuio - ok
11:32:47.0437 6708 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
11:32:47.0439 6708 NdisWan - ok
11:32:47.0460 6708 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
11:32:47.0462 6708 NDProxy - ok
11:32:47.0508 6708 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
11:32:47.0510 6708 Net Driver HPZ12 - ok
11:32:47.0554 6708 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
11:32:47.0556 6708 NetBIOS - ok
11:32:47.0583 6708 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
11:32:47.0587 6708 netbt - ok
11:32:47.0616 6708 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:32:47.0618 6708 Netlogon - ok
11:32:47.0658 6708 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
11:32:47.0662 6708 Netman - ok
11:32:47.0760 6708 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:32:47.0763 6708 NetMsmqActivator - ok
11:32:47.0775 6708 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:32:47.0777 6708 NetPipeActivator - ok
11:32:47.0823 6708 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
11:32:47.0831 6708 netprofm - ok
11:32:47.0853 6708 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:32:47.0858 6708 NetTcpActivator - ok
11:32:47.0879 6708 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:32:47.0882 6708 NetTcpPortSharing - ok
11:32:47.0956 6708 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
11:32:47.0957 6708 nfrd960 - ok
11:32:48.0019 6708 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:32:48.0020 6708 NisDrv - ok
11:32:48.0102 6708 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
11:32:48.0107 6708 NisSrv - ok
11:32:48.0159 6708 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
11:32:48.0166 6708 NlaSvc - ok
11:32:48.0202 6708 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
11:32:48.0204 6708 Npfs - ok
11:32:48.0219 6708 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
11:32:48.0224 6708 nsi - ok
11:32:48.0241 6708 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
11:32:48.0242 6708 nsiproxy - ok
11:32:48.0308 6708 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
11:32:48.0321 6708 Ntfs - ok
11:32:48.0357 6708 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
11:32:48.0358 6708 ntrigdigi - ok
11:32:48.0393 6708 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
11:32:48.0394 6708 Null - ok
11:32:48.0429 6708 NVENETFD (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
11:32:48.0432 6708 NVENETFD - ok
11:32:48.0881 6708 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:32:48.0978 6708 nvlddmkm - ok
11:32:49.0106 6708 NVNET (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
11:32:49.0108 6708 NVNET - ok
11:32:49.0153 6708 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
11:32:49.0154 6708 nvraid - ok
11:32:49.0179 6708 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
11:32:49.0179 6708 nvstor - ok
11:32:49.0230 6708 nvstor32 (8ee374b6fb3cb2bb8d70395218b464a5) C:\Windows\system32\DRIVERS\nvstor32.sys
11:32:49.0231 6708 nvstor32 - ok
11:32:49.0292 6708 nvsvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe
11:32:49.0302 6708 nvsvc - ok
11:32:49.0435 6708 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:32:49.0449 6708 nvUpdatusService - ok
11:32:49.0580 6708 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
11:32:49.0581 6708 nv_agp - ok
11:32:49.0592 6708 NwlnkFlt - ok
11:32:49.0601 6708 NwlnkFwd - ok
11:32:49.0703 6708 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:32:49.0709 6708 odserv - ok
11:32:49.0743 6708 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
11:32:49.0744 6708 ohci1394 - ok
11:32:49.0791 6708 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:32:49.0794 6708 ose - ok
11:32:49.0880 6708 P17 (f2519d547a6ac2afe0df0dc826a085a7) C:\Windows\system32\drivers\P17.sys
11:32:49.0888 6708 P17 - ok
11:32:49.0938 6708 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:32:49.0945 6708 p2pimsvc - ok
11:32:49.0962 6708 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:32:49.0971 6708 p2psvc - ok
11:32:50.0041 6708 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
11:32:50.0042 6708 Parport - ok
11:32:50.0080 6708 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
11:32:50.0082 6708 partmgr - ok
11:32:50.0114 6708 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
11:32:50.0114 6708 Parvdm - ok
11:32:50.0146 6708 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
11:32:50.0149 6708 PcaSvc - ok
11:32:50.0177 6708 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
11:32:50.0180 6708 pci - ok
11:32:50.0199 6708 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
11:32:50.0200 6708 pciide - ok
11:32:50.0242 6708 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
11:32:50.0244 6708 pcmcia - ok
11:32:50.0303 6708 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
11:32:50.0314 6708 PEAUTH - ok
11:32:50.0408 6708 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
11:32:50.0430 6708 pla - ok
11:32:50.0557 6708 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
11:32:50.0563 6708 PlugPlay - ok
11:32:50.0603 6708 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
11:32:50.0607 6708 Pml Driver HPZ12 - ok
11:32:50.0679 6708 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:32:50.0692 6708 PNRPAutoReg - ok
11:32:50.0722 6708 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:32:50.0735 6708 PNRPsvc - ok
11:32:50.0807 6708 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
11:32:50.0811 6708 PolicyAgent - ok
11:32:50.0866 6708 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
11:32:50.0868 6708 PptpMiniport - ok
11:32:50.0905 6708 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
11:32:50.0905 6708 Processor - ok
11:32:50.0953 6708 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
11:32:50.0956 6708 ProfSvc - ok
11:32:50.0991 6708 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:32:50.0992 6708 ProtectedStorage - ok
11:32:51.0041 6708 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
11:32:51.0043 6708 PSched - ok
11:32:51.0122 6708 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
11:32:51.0130 6708 ql2300 - ok
11:32:51.0161 6708 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:32:51.0162 6708 ql40xx - ok
11:32:51.0200 6708 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
11:32:51.0205 6708 QWAVE - ok
11:32:51.0225 6708 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:32:51.0226 6708 QWAVEdrv - ok
11:32:51.0245 6708 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:32:51.0246 6708 RasAcd - ok
11:32:51.0266 6708 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
11:32:51.0269 6708 RasAuto - ok
11:32:51.0289 6708 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:32:51.0291 6708 Rasl2tp - ok
11:32:51.0315 6708 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
11:32:51.0319 6708 RasMan - ok
11:32:51.0355 6708 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
11:32:51.0356 6708 RasPppoe - ok
11:32:51.0368 6708 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
11:32:51.0371 6708 RasSstp - ok
11:32:51.0394 6708 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
11:32:51.0398 6708 rdbss - ok
11:32:51.0412 6708 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:32:51.0413 6708 RDPCDD - ok
11:32:51.0447 6708 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
11:32:51.0448 6708 rdpdr - ok
11:32:51.0460 6708 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:32:51.0461 6708 RDPENCDD - ok
11:32:51.0507 6708 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
11:32:51.0510 6708 RDPWD - ok
11:32:51.0563 6708 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
11:32:51.0565 6708 RemoteAccess - ok
11:32:51.0598 6708 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
11:32:51.0601 6708 RemoteRegistry - ok
11:32:51.0628 6708 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
11:32:51.0630 6708 RpcLocator - ok
11:32:51.0701 6708 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\System32\rpcss.dll
11:32:51.0706 6708 RpcSs - ok
11:32:51.0739 6708 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:32:51.0740 6708 rspndr - ok
11:32:51.0761 6708 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:32:51.0764 6708 SamSs - ok
11:32:51.0805 6708 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:32:51.0806 6708 sbp2port - ok
11:32:51.0851 6708 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
11:32:51.0854 6708 SCardSvr - ok
11:32:51.0904 6708 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
11:32:51.0911 6708 Schedule - ok
11:32:51.0940 6708 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
11:32:51.0941 6708 SCPolicySvc - ok
11:32:51.0959 6708 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
11:32:51.0962 6708 SDRSVC - ok
11:32:51.0992 6708 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:32:51.0994 6708 secdrv - ok
11:32:52.0032 6708 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
11:32:52.0035 6708 seclogon - ok
11:32:52.0063 6708 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
11:32:52.0066 6708 SENS - ok
11:32:52.0103 6708 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
11:32:52.0104 6708 Serenum - ok
11:32:52.0136 6708 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
11:32:52.0137 6708 Serial - ok
11:32:52.0166 6708 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:32:52.0167 6708 sermouse - ok
11:32:52.0210 6708 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
11:32:52.0214 6708 SessionEnv - ok
11:32:52.0252 6708 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
11:32:52.0252 6708 sffdisk - ok
11:32:52.0310 6708 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
11:32:52.0311 6708 sffp_mmc - ok
11:32:52.0326 6708 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
11:32:52.0327 6708 sffp_sd - ok
11:32:52.0352 6708 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:32:52.0353 6708 sfloppy - ok
11:32:52.0403 6708 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
11:32:52.0407 6708 SharedAccess - ok
11:32:52.0463 6708 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
11:32:52.0468 6708 ShellHWDetection - ok
11:32:52.0503 6708 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
11:32:52.0504 6708 sisagp - ok
11:32:52.0571 6708 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
11:32:52.0572 6708 SiSRaid2 - ok
11:32:52.0599 6708 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
11:32:52.0600 6708 SiSRaid4 - ok
11:32:52.0728 6708 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
11:32:52.0763 6708 slsvc - ok
11:32:52.0873 6708 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
11:32:52.0876 6708 SLUINotify - ok
11:32:52.0912 6708 SmartDefragDriver - ok
11:32:52.0943 6708 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
11:32:52.0945 6708 Smb - ok
11:32:52.0977 6708 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
11:32:52.0980 6708 SNMPTRAP - ok
11:32:53.0003 6708 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:32:53.0004 6708 spldr - ok
11:32:53.0064 6708 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
11:32:53.0068 6708 Spooler - ok
11:32:53.0119 6708 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
11:32:53.0124 6708 srv - ok
11:32:53.0170 6708 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
11:32:53.0173 6708 srv2 - ok
11:32:53.0193 6708 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
11:32:53.0195 6708 srvnet - ok
11:32:53.0230 6708 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
11:32:53.0235 6708 SSDPSRV - ok
11:32:53.0270 6708 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
11:32:53.0275 6708 SstpSvc - ok
11:32:53.0325 6708 Steam Client Service - ok
11:32:53.0362 6708 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
11:32:53.0371 6708 stisvc - ok
11:32:53.0398 6708 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
11:32:53.0399 6708 swenum - ok
11:32:53.0444 6708 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
11:32:53.0451 6708 swprv - ok
11:32:53.0514 6708 sxuptp (86083b04dc2b90397f4b47add6eaa407) C:\Windows\system32\DRIVERS\sxuptp.sys
11:32:53.0516 6708 sxuptp - ok
11:32:53.0547 6708 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:32:53.0548 6708 Symc8xx - ok
11:32:53.0578 6708 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:32:53.0579 6708 Sym_hi - ok
11:32:53.0612 6708 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:32:53.0613 6708 Sym_u3 - ok
11:32:53.0667 6708 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
11:32:53.0678 6708 SysMain - ok
11:32:53.0722 6708 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
11:32:53.0727 6708 TabletInputService - ok
11:32:53.0765 6708 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
11:32:53.0770 6708 TapiSrv - ok
11:32:53.0796 6708 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
11:32:53.0800 6708 TBS - ok
11:32:53.0859 6708 Tcpip (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
11:32:53.0871 6708 Tcpip - ok
11:32:53.0892 6708 Tcpip6 (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
11:32:53.0901 6708 Tcpip6 - ok
11:32:53.0935 6708 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
11:32:53.0936 6708 tcpipreg - ok
11:32:53.0976 6708 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:32:53.0977 6708 TDPIPE - ok
11:32:53.0999 6708 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:32:54.0000 6708 TDTCP - ok
11:32:54.0042 6708 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
11:32:54.0044 6708 tdx - ok
11:32:54.0067 6708 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
11:32:54.0068 6708 TermDD - ok
11:32:54.0115 6708 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
11:32:54.0122 6708 TermService - ok
11:32:54.0179 6708 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
11:32:54.0184 6708 Themes - ok
11:32:54.0214 6708 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:32:54.0218 6708 THREADORDER - ok
11:32:54.0254 6708 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
11:32:54.0258 6708 TrkWks - ok
11:32:54.0319 6708 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
11:32:54.0321 6708 TrustedInstaller - ok
11:32:54.0396 6708 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:32:54.0398 6708 tssecsrv - ok
11:32:54.0437 6708 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:32:54.0438 6708 tunmp - ok
11:32:54.0468 6708 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
11:32:54.0469 6708 tunnel - ok
11:32:54.0509 6708 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
11:32:54.0510 6708 uagp35 - ok
11:32:54.0550 6708 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
11:32:54.0554 6708 udfs - ok
11:32:54.0607 6708 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
11:32:54.0613 6708 UI0Detect - ok
11:32:54.0655 6708 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
11:32:54.0656 6708 uliagpkx - ok
11:32:54.0689 6708 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
11:32:54.0692 6708 uliahci - ok
11:32:54.0715 6708 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:32:54.0717 6708 UlSata - ok
11:32:54.0748 6708 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:32:54.0749 6708 ulsata2 - ok
11:32:54.0781 6708 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:32:54.0782 6708 umbus - ok
11:32:54.0821 6708 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
11:32:54.0826 6708 upnphost - ok
11:32:54.0864 6708 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:32:54.0866 6708 usbccgp - ok
11:32:54.0899 6708 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:32:54.0901 6708 usbcir - ok
11:32:54.0935 6708 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
11:32:54.0936 6708 usbehci - ok
11:32:54.0966 6708 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
11:32:54.0970 6708 usbhub - ok
11:32:54.0989 6708 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
11:32:54.0990 6708 usbohci - ok
11:32:55.0014 6708 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:32:55.0016 6708 usbprint - ok
11:32:55.0054 6708 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
11:32:55.0055 6708 usbscan - ok
11:32:55.0086 6708 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:32:55.0087 6708 USBSTOR - ok
11:32:55.0125 6708 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:32:55.0126 6708 usbuhci - ok
11:32:55.0172 6708 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
11:32:55.0175 6708 UxSms - ok
11:32:55.0206 6708 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
11:32:55.0215 6708 vds - ok
11:32:55.0243 6708 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
11:32:55.0245 6708 vga - ok
11:32:55.0278 6708 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:32:55.0279 6708 VgaSave - ok
11:32:55.0331 6708 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
11:32:55.0333 6708 viaagp - ok
11:32:55.0375 6708 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
11:32:55.0377 6708 ViaC7 - ok
11:32:55.0422 6708 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
11:32:55.0423 6708 viaide - ok
11:32:55.0474 6708 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:32:55.0476 6708 volmgr - ok
11:32:55.0519 6708 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
11:32:55.0526 6708 volmgrx - ok
11:32:55.0582 6708 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
11:32:55.0587 6708 volsnap - ok
11:32:55.0636 6708 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
11:32:55.0639 6708 vsmraid - ok
11:32:55.0734 6708 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
11:32:55.0760 6708 VSS - ok
11:32:55.0808 6708 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
11:32:55.0814 6708 W32Time - ok
11:32:55.0874 6708 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:32:55.0875 6708 WacomPen - ok
11:32:55.0913 6708 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:32:55.0915 6708 Wanarp - ok
11:32:55.0923 6708 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:32:55.0924 6708 Wanarpv6 - ok
11:32:55.0966 6708 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
11:32:55.0974 6708 wcncsvc - ok
11:32:55.0990 6708 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
11:32:55.0993 6708 WcsPlugInService - ok
11:32:56.0028 6708 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
11:32:56.0029 6708 Wd - ok
11:32:56.0077 6708 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:32:56.0083 6708 Wdf01000 - ok
11:32:56.0099 6708 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:32:56.0103 6708 WdiServiceHost - ok
11:32:56.0113 6708 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:32:56.0116 6708 WdiSystemHost - ok
11:32:56.0145 6708 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
11:32:56.0150 6708 WebClient - ok
11:32:56.0203 6708 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
11:32:56.0208 6708 Wecsvc - ok
11:32:56.0242 6708 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
11:32:56.0246 6708 wercplsupport - ok
11:32:56.0286 6708 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
11:32:56.0291 6708 WerSvc - ok
11:32:56.0368 6708 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
11:32:56.0371 6708 WinDefend - ok
11:32:56.0395 6708 WinHttpAutoProxySvc - ok
11:32:56.0454 6708 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
11:32:56.0457 6708 Winmgmt - ok
11:32:56.0582 6708 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
11:32:56.0599 6708 WinRM - ok
11:32:56.0666 6708 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
11:32:56.0675 6708 Wlansvc - ok
11:32:56.0787 6708 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:32:56.0803 6708 wlidsvc - ok
11:32:56.0938 6708 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
11:32:56.0938 6708 WmiAcpi - ok
11:32:57.0012 6708 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
11:32:57.0014 6708 wmiApSrv - ok
11:32:57.0110 6708 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
11:32:57.0121 6708 WMPNetworkSvc - ok
11:32:57.0156 6708 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
11:32:57.0161 6708 WPCSvc - ok
11:32:57.0180 6708 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
11:32:57.0184 6708 WPDBusEnum - ok
11:32:57.0244 6708 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
11:32:57.0245 6708 WpdUsb - ok
11:32:57.0375 6708 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:32:57.0385 6708 WPFFontCache_v0400 - ok
11:32:57.0433 6708 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:32:57.0434 6708 ws2ifsl - ok
11:32:57.0496 6708 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\system32\wscsvc.dll
11:32:57.0502 6708 wscsvc - ok
11:32:57.0512 6708 WSearch - ok
11:32:57.0612 6708 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
11:32:57.0640 6708 wuauserv - ok
11:32:57.0776 6708 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:32:57.0778 6708 WUDFRd - ok
11:32:57.0818 6708 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
11:32:57.0822 6708 wudfsvc - ok
11:32:57.0853 6708 MBR (0x1B8) (3f52334f255df9dc66b0111a308bfa16) \Device\Harddisk0\DR0
11:33:00.0621 6708 \Device\Harddisk0\DR0 - ok
11:33:00.0628 6708 Boot (0x1200) (511cc90714189d8c057ba05c206eed02) \Device\Harddisk0\DR0\Partition0
11:33:00.0629 6708 \Device\Harddisk0\DR0\Partition0 - ok
11:33:00.0633 6708 ============================================================
11:33:00.0633 6708 Scan finished
11:33:00.0633 6708 ============================================================
11:33:00.0647 1116 Detected object count: 0
11:33:00.0647 1116 Actual detected object count: 0
11:34:12.0081 3192 ============================================================
11:34:12.0081 3192 Scan started
11:34:12.0081 3192 Mode: Manual; SigCheck; TDLFS;
11:34:12.0081 3192 ============================================================
11:34:12.0366 3192 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
11:34:12.0447 3192 ACPI - ok
11:34:12.0569 3192 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:34:12.0576 3192 AdobeARMservice - ok
11:34:12.0641 3192 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:34:12.0651 3192 AdobeFlashPlayerUpdateSvc - ok
11:34:12.0708 3192 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
11:34:12.0723 3192 adp94xx - ok
11:34:12.0765 3192 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
11:34:12.0777 3192 adpahci - ok
11:34:12.0801 3192 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
11:34:12.0810 3192 adpu160m - ok
11:34:12.0842 3192 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
11:34:12.0852 3192 adpu320 - ok
11:34:12.0899 3192 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
11:34:12.0991 3192 AeLookupSvc - ok
11:34:13.0055 3192 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
11:34:13.0106 3192 AFD - ok
11:34:13.0139 3192 AgereModemAudio (8ed60797908fd394eee0d6949f493224) C:\Windows\system32\agrsmsvc.exe
11:34:13.0170 3192 AgereModemAudio - ok
11:34:13.0278 3192 AgereSoftModem (baf68dcba949633df0c16d37af2a2351) C:\Windows\system32\DRIVERS\AGRSM.sys
11:34:13.0343 3192 AgereSoftModem - ok
11:34:13.0401 3192 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
11:34:13.0410 3192 agp440 - ok
11:34:13.0446 3192 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:34:13.0456 3192 aic78xx - ok
11:34:13.0492 3192 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
11:34:13.0592 3192 ALG - ok
11:34:13.0642 3192 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
11:34:13.0650 3192 aliide - ok
11:34:13.0677 3192 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
11:34:13.0686 3192 amdagp - ok
11:34:13.0713 3192 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
11:34:13.0721 3192 amdide - ok
11:34:13.0744 3192 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
11:34:13.0791 3192 AmdK7 - ok
11:34:13.0819 3192 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
11:34:13.0868 3192 AmdK8 - ok
11:34:13.0910 3192 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
11:34:13.0961 3192 Appinfo - ok
11:34:14.0043 3192 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
11:34:14.0050 3192 arc - ok
11:34:14.0067 3192 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
11:34:14.0074 3192 arcsas - ok
11:34:14.0187 3192 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:34:14.0193 3192 aspnet_state - ok
11:34:14.0227 3192 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:34:14.0259 3192 AsyncMac - ok
11:34:14.0280 3192 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
11:34:14.0286 3192 atapi - ok
11:34:14.0378 3192 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
11:34:14.0438 3192 AudioEndpointBuilder - ok
11:34:14.0449 3192 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
11:34:14.0480 3192 Audiosrv - ok
11:34:14.0508 3192 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:34:14.0554 3192 Beep - ok
11:34:14.0589 3192 BFE (d3e6d78285529962349a7f1617035938) C:\Windows\System32\bfe.dll
11:34:14.0656 3192 BFE - ok
11:34:14.0710 3192 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\system32\qmgr.dll
11:34:14.0810 3192 BITS - ok
11:34:14.0846 3192 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
11:34:14.0880 3192 blbdrive - ok
11:34:14.0923 3192 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
11:34:14.0965 3192 bowser - ok
11:34:15.0012 3192 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:34:15.0050 3192 BrFiltLo - ok
11:34:15.0085 3192 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:34:15.0122 3192 BrFiltUp - ok
11:34:15.0155 3192 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
11:34:15.0206 3192 Browser - ok
11:34:15.0248 3192 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:34:15.0376 3192 Brserid - ok
11:34:15.0433 3192 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:34:15.0503 3192 BrSerWdm - ok
11:34:15.0533 3192 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:34:15.0603 3192 BrUsbMdm - ok
11:34:15.0635 3192 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:34:15.0710 3192 BrUsbSer - ok
11:34:15.0740 3192 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
11:34:15.0808 3192 BTHMODEM - ok
11:34:15.0877 3192 catchme - ok
11:34:15.0901 3192 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:34:15.0928 3192 cdfs - ok
11:34:15.0960 3192 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
11:34:15.0996 3192 cdrom - ok
11:34:16.0029 3192 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
11:34:16.0073 3192 CertPropSvc - ok
11:34:16.0101 3192 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
11:34:16.0127 3192 circlass - ok
11:34:16.0161 3192 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
11:34:16.0174 3192 CLFS - ok
11:34:16.0240 3192 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:34:16.0249 3192 clr_optimization_v2.0.50727_32 - ok
11:34:16.0329 3192 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:34:16.0339 3192 clr_optimization_v4.0.30319_32 - ok
11:34:16.0383 3192 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
11:34:16.0391 3192 cmdide - ok
11:34:16.0418 3192 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
11:34:16.0426 3192 Compbatt - ok
11:34:16.0437 3192 COMSysApp - ok
11:34:16.0465 3192 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
11:34:16.0473 3192 crcdisk - ok
11:34:16.0594 3192 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
11:34:16.0639 3192 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:34:16.0640 3192 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:34:16.0717 3192 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
11:34:16.0739 3192 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:34:16.0740 3192 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:34:16.0794 3192 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
11:34:16.0840 3192 Crusoe - ok
11:34:16.0883 3192 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
11:34:16.0975 3192 CryptSvc - ok
11:34:17.0085 3192 CTAudSvcService (69cdba2b9c397e349a04fa70dd9170a2) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
11:34:17.0100 3192 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
11:34:17.0100 3192 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
11:34:17.0174 3192 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
11:34:17.0222 3192 DcomLaunch - ok
11:34:17.0290 3192 dfmirage (699ef0fd9ae72b7f5ad756e382c73e0e) C:\Windows\system32\DRIVERS\dfmirage.sys
11:34:17.0336 3192 dfmirage - ok
11:34:17.0403 3192 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
11:34:17.0428 3192 DfsC - ok
11:34:17.0529 3192 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
11:34:17.0637 3192 DFSR - ok
11:34:17.0755 3192 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
11:34:17.0835 3192 Dhcp - ok
11:34:17.0896 3192 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
11:34:17.0911 3192 disk - ok
11:34:17.0969 3192 Dnscache (4805d9a6d281c7a7defd9094dec6af7d) C:\Windows\System32\dnsrslvr.dll
11:34:18.0015 3192 Dnscache - ok
11:34:18.0064 3192 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
11:34:18.0136 3192 dot3svc - ok
11:34:18.0196 3192 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
11:34:18.0254 3192 Dot4 - ok
11:34:18.0290 3192 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:34:18.0333 3192 Dot4Print - ok
11:34:18.0362 3192 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
11:34:18.0391 3192 dot4usb - ok
11:34:18.0421 3192 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
11:34:18.0456 3192 DPS - ok
11:34:18.0488 3192 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
11:34:18.0521 3192 drmkaud - ok
11:34:18.0559 3192 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys
11:34:18.0599 3192 DrvAgent32 ( UnsignedFile.Multi.Generic ) - warning
11:34:18.0599 3192 DrvAgent32 - detected UnsignedFile.Multi.Generic (1)
11:34:18.0652 3192 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
11:34:18.0721 3192 DXGKrnl - ok
11:34:18.0767 3192 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
11:34:18.0808 3192 E1G60 - ok
11:34:18.0882 3192 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
11:34:18.0927 3192 EapHost - ok
11:34:18.0967 3192 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
11:34:18.0976 3192 Ecache - ok
11:34:19.0020 3192 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
11:34:19.0036 3192 elxstor - ok
11:34:19.0106 3192 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
11:34:19.0162 3192 EMDMgmt - ok
11:34:19.0195 3192 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
11:34:19.0243 3192 ErrDev - ok
11:34:19.0353 3192 ETService (4d06d9a26227ac485305133916888df1) C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
11:34:19.0377 3192 ETService ( UnsignedFile.Multi.Generic ) - warning
11:34:19.0377 3192 ETService - detected UnsignedFile.Multi.Generic (1)
11:34:19.0431 3192 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
11:34:19.0482 3192 EventSystem - ok
11:34:19.0526 3192 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
11:34:19.0569 3192 exfat - ok
11:34:19.0598 3192 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
11:34:19.0643 3192 fastfat - ok
11:34:19.0671 3192 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
11:34:19.0708 3192 fdc - ok
11:34:19.0746 3192 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
11:34:19.0790 3192 fdPHost - ok
11:34:19.0816 3192 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
11:34:19.0877 3192 FDResPub - ok
11:34:19.0906 3192 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
11:34:19.0915 3192 FileInfo - ok
11:34:19.0955 3192 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
11:34:19.0999 3192 Filetrace - ok
11:34:20.0028 3192 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
11:34:20.0074 3192 flpydisk - ok
11:34:20.0112 3192 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
11:34:20.0123 3192 FltMgr - ok
11:34:20.0184 3192 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:34:20.0191 3192 FontCache3.0.0.0 - ok
11:34:20.0212 3192 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
11:34:20.0260 3192 Fs_Rec - ok
11:34:20.0320 3192 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
11:34:20.0328 3192 gagp30kx - ok
11:34:20.0400 3192 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
11:34:20.0406 3192 GEARAspiWDM - ok
11:34:20.0452 3192 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
11:34:20.0529 3192 gpsvc - ok
11:34:20.0560 3192 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
11:34:20.0617 3192 HdAudAddService - ok
11:34:20.0653 3192 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:34:20.0693 3192 HDAudBus - ok
11:34:20.0727 3192 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
11:34:20.0800 3192 HidBth - ok
11:34:20.0837 3192 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
11:34:20.0912 3192 HidIr - ok
11:34:20.0950 3192 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\System32\hidserv.dll
11:34:21.0023 3192 hidserv - ok
11:34:21.0058 3192 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
11:34:21.0104 3192 HidUsb - ok
11:34:21.0140 3192 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
11:34:21.0181 3192 hkmsvc - ok
11:34:21.0210 3192 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
11:34:21.0219 3192 HpCISSs - ok
11:34:21.0354 3192 hpqcxs08 (fcb563b0a23643e5f80b6ff1e60f610f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
11:34:21.0361 3192 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
11:34:21.0361 3192 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
11:34:21.0383 3192 hpqddsvc (25e443e27165c652723a92d9bdfd4649) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
11:34:21.0417 3192 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
11:34:21.0417 3192 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
11:34:21.0466 3192 HTTP (33b02459e86d0a2b86a6b9fe19139390) C:\Windows\system32\drivers\HTTP.sys
11:34:21.0528 3192 HTTP - ok
11:34:21.0600 3192 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
11:34:21.0608 3192 i2omp - ok
11:34:21.0645 3192 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
11:34:21.0665 3192 i8042prt - ok
11:34:21.0708 3192 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
11:34:21.0721 3192 iaStorV - ok
11:34:21.0852 3192 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:34:21.0927 3192 idsvc - ok
11:34:21.0991 3192 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
11:34:22.0005 3192 iirsp - ok
11:34:22.0082 3192 IKEEXT (68e8c415e102e5d79fd7e4a765b8cba4) C:\Windows\System32\ikeext.dll
11:34:22.0112 3192 IKEEXT - ok
11:34:22.0149 3192 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
11:34:22.0156 3192 int15 - ok
11:34:22.0167 3192 IntcAzAudAddService - ok
11:34:22.0200 3192 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
11:34:22.0207 3192 intelide - ok
11:34:22.0235 3192 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
11:34:22.0271 3192 intelppm - ok
11:34:22.0317 3192 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
11:34:22.0355 3192 IPBusEnum - ok
11:34:22.0416 3192 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:34:22.0459 3192 IpFilterDriver - ok
11:34:22.0529 3192 iphlpsvc (6a35d233693edc29a12742049bc5e37f) C:\Windows\System32\iphlpsvc.dll
11:34:22.0584 3192 iphlpsvc - ok
11:34:22.0596 3192 IpInIp - ok
11:34:22.0629 3192 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
11:34:22.0667 3192 IPMIDRV - ok
11:34:22.0709 3192 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
11:34:22.0766 3192 IPNAT - ok
11:34:22.0800 3192 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
11:34:22.0840 3192 IRENUM - ok
11:34:22.0896 3192 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
11:34:22.0904 3192 isapnp - ok
11:34:22.0938 3192 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
11:34:22.0948 3192 iScsiPrt - ok
11:34:22.0980 3192 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
11:34:22.0987 3192 iteatapi - ok
11:34:23.0027 3192 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
11:34:23.0033 3192 iteraid - ok
11:34:23.0067 3192 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
11:34:23.0074 3192 kbdclass - ok
11:34:23.0105 3192 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
11:34:23.0141 3192 kbdhid - ok
11:34:23.0187 3192 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:34:23.0224 3192 KeyIso - ok
11:34:23.0267 3192 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
11:34:23.0282 3192 KSecDD - ok
11:34:23.0342 3192 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
11:34:23.0371 3192 KtmRm - ok
11:34:23.0439 3192 LanmanServer (1925e63c91cf1610ae41bfd539062079) C:\Windows\System32\srvsvc.dll
11:34:23.0471 3192 LanmanServer - ok
11:34:23.0519 3192 LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll
11:34:23.0572 3192 LanmanWorkstation - ok
11:34:23.0621 3192 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
11:34:23.0675 3192 lltdio - ok
11:34:23.0749 3192 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
11:34:23.0797 3192 lltdsvc - ok
11:34:23.0823 3192 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
11:34:23.0887 3192 lmhosts - ok
11:34:23.0929 3192 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
11:34:23.0939 3192 LSI_FC - ok
11:34:23.0972 3192 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
11:34:23.0982 3192 LSI_SAS - ok
11:34:24.0035 3192 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
11:34:24.0044 3192 LSI_SCSI - ok
11:34:24.0080 3192 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
11:34:24.0107 3192 luafv - ok
11:34:24.0142 3192 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
11:34:24.0150 3192 megasas - ok
11:34:24.0263 3192 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
11:34:24.0280 3192 MegaSR - ok
11:34:24.0328 3192 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:34:24.0361 3192 MMCSS - ok
11:34:24.0385 3192 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
11:34:24.0406 3192 Modem - ok
11:34:24.0439 3192 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
11:34:24.0475 3192 monitor - ok
11:34:24.0501 3192 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
11:34:24.0509 3192 mouclass - ok
11:34:24.0529 3192 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
11:34:24.0549 3192 mouhid - ok
11:34:24.0566 3192 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
11:34:24.0573 3192 MountMgr - ok
11:34:24.0607 3192 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
11:34:24.0615 3192 mpio - ok
11:34:24.0657 3192 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
11:34:24.0663 3192 MpNWMon - ok
11:34:24.0697 3192 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
11:34:24.0715 3192 mpsdrv - ok
11:34:24.0755 3192 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
11:34:24.0804 3192 MpsSvc - ok
11:34:24.0835 3192 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
11:34:24.0842 3192 Mraid35x - ok
11:34:24.0873 3192 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
11:34:24.0912 3192 MRxDAV - ok
11:34:24.0974 3192 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:34:25.0010 3192 mrxsmb - ok
11:34:25.0063 3192 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:34:25.0081 3192 mrxsmb10 - ok
11:34:25.0102 3192 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:34:25.0112 3192 mrxsmb20 - ok
11:34:25.0150 3192 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
11:34:25.0158 3192 msahci - ok
11:34:25.0192 3192 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
11:34:25.0201 3192 msdsm - ok
11:34:25.0254 3192 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
11:34:25.0297 3192 MSDTC - ok
11:34:25.0339 3192 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
11:34:25.0385 3192 Msfs - ok
11:34:25.0410 3192 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
11:34:25.0418 3192 msisadrv - ok
11:34:25.0458 3192 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
11:34:25.0508 3192 MSiSCSI - ok
11:34:25.0540 3192 msiserver - ok
11:34:25.0594 3192 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
11:34:25.0652 3192 MSKSSRV - ok
11:34:25.0685 3192 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
11:34:25.0718 3192 MSPCLOCK - ok
11:34:25.0728 3192 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
11:34:25.0755 3192 MSPQM - ok
11:34:25.0783 3192 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
11:34:25.0792 3192 MsRPC - ok
11:34:25.0818 3192 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
11:34:25.0826 3192 mssmbios - ok
11:34:25.0856 3192 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
11:34:25.0887 3192 MSTEE - ok
11:34:25.0922 3192 msvad_simple (00c7b2306f1ca5389a1ac6d1df9c2e25) C:\Windows\system32\drivers\povrtdev.sys
11:34:25.0927 3192 msvad_simple - ok
11:34:25.0948 3192 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
11:34:25.0954 3192 Mup - ok
11:34:25.0994 3192 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
11:34:26.0034 3192 napagent - ok
11:34:26.0076 3192 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
11:34:26.0103 3192 NativeWifiP - ok
11:34:26.0150 3192 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
11:34:26.0167 3192 NDIS - ok
11:34:26.0190 3192 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
11:34:26.0206 3192 NdisTapi - ok
11:34:26.0229 3192 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
11:34:26.0251 3192 Ndisuio - ok
11:34:26.0274 3192 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
11:34:26.0321 3192 NdisWan - ok
11:34:26.0356 3192 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
11:34:26.0386 3192 NDProxy - ok
11:34:26.0428 3192 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
11:34:26.0432 3192 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:34:26.0433 3192 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:34:26.0466 3192 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
11:34:26.0491 3192 NetBIOS - ok
11:34:26.0512 3192 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
11:34:26.0554 3192 netbt - ok
11:34:26.0603 3192 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:34:26.0615 3192 Netlogon - ok
11:34:26.0655 3192 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
11:34:26.0687 3192 Netman - ok
11:34:26.0781 3192 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:34:26.0790 3192 NetMsmqActivator - ok
11:34:26.0834 3192 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:34:26.0850 3192 NetPipeActivator - ok
11:34:26.0915 3192 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
11:34:26.0960 3192 netprofm - ok
11:34:26.0976 3192 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:34:26.0987 3192 NetTcpActivator - ok
11:34:26.0997 3192 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:34:27.0009 3192 NetTcpPortSharing - ok
11:34:27.0067 3192 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
11:34:27.0075 3192 nfrd960 - ok
11:34:27.0122 3192 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:34:27.0129 3192 NisDrv - ok
11:34:27.0203 3192 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
11:34:27.0217 3192 NisSrv - ok
11:34:27.0261 3192 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
11:34:27.0305 3192 NlaSvc - ok
11:34:27.0331 3192 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
11:34:27.0376 3192 Npfs - ok
11:34:27.0407 3192 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
11:34:27.0457 3192 nsi - ok
11:34:27.0487 3192 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
11:34:27.0513 3192 nsiproxy - ok
11:34:27.0588 3192 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
11:34:27.0622 3192 Ntfs - ok
11:34:27.0652 3192 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
11:34:27.0708 3192 ntrigdigi - ok
11:34:27.0746 3192 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
11:34:27.0791 3192 Null - ok
11:34:27.0841 3192 NVENETFD (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
11:34:27.0854 3192 NVENETFD - ok
11:34:28.0289 3192 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:34:28.0627 3192 nvlddmkm - ok
11:34:28.0766 3192 NVNET (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
11:34:28.0777 3192 NVNET - ok
11:34:28.0815 3192 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
11:34:28.0824 3192 nvraid - ok
11:34:28.0849 3192 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
11:34:28.0857 3192 nvstor - ok
11:34:28.0907 3192 nvstor32 (8ee374b6fb3cb2bb8d70395218b464a5) C:\Windows\system32\DRIVERS\nvstor32.sys
11:34:28.0915 3192 nvstor32 - ok
11:34:28.0987 3192 nvsvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe
11:34:29.0011 3192 nvsvc - ok
11:34:29.0151 3192 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:34:29.0189 3192 nvUpdatusService - ok
11:34:29.0325 3192 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
11:34:29.0335 3192 nv_agp - ok
11:34:29.0349 3192 NwlnkFlt - ok
11:34:29.0361 3192 NwlnkFwd - ok
11:34:29.0465 3192 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:34:29.0482 3192 odserv - ok
11:34:29.0522 3192 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
11:34:29.0591 3192 ohci1394 - ok
11:34:29.0645 3192 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:34:29.0654 3192 ose - ok
11:34:29.0752 3192 P17 (f2519d547a6ac2afe0df0dc826a085a7) C:\Windows\system32\drivers\P17.sys
11:34:29.0833 3192 P17 - ok
11:34:29.0883 3192 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:34:29.0936 3192 p2pimsvc - ok
11:34:29.0953 3192 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:34:29.0978 3192 p2psvc - ok
11:34:30.0053 3192 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
11:34:30.0105 3192 Parport - ok
11:34:30.0142 3192 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
11:34:30.0151 3192 partmgr - ok
11:34:30.0184 3192 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
11:34:30.0237 3192 Parvdm - ok
11:34:30.0283 3192 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
11:34:30.0311 3192 PcaSvc - ok
11:34:30.0338 3192 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
11:34:30.0348 3192 pci - ok
11:34:30.0369 3192 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
11:34:30.0377 3192 pciide - ok
11:34:30.0420 3192 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
11:34:30.0431 3192 pcmcia - ok
11:34:30.0490 3192 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
11:34:30.0563 3192 PEAUTH - ok
11:34:30.0657 3192 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
11:34:30.0733 3192 pla - ok
11:34:30.0848 3192 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
11:34:30.0875 3192 PlugPlay - ok
11:34:30.0914 3192 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
11:34:30.0936 3192 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:34:30.0936 3192 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:34:30.0998 3192 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:34:31.0019 3192 PNRPAutoReg - ok
11:34:31.0033 3192 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:34:31.0055 3192 PNRPsvc - ok
11:34:31.0113 3192 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
11:34:31.0142 3192 PolicyAgent - ok
11:34:31.0195 3192 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
11:34:31.0233 3192 PptpMiniport - ok
11:34:31.0267 3192 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
11:34:31.0324 3192 Processor - ok
11:34:31.0373 3192 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
11:34:31.0400 3192 ProfSvc - ok
11:34:31.0435 3192 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:34:31.0445 3192 ProtectedStorage - ok
11:34:31.0495 3192 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
11:34:31.0519 3192 PSched - ok
11:34:31.0601 3192 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
11:34:31.0634 3192 ql2300 - ok
11:34:31.0673 3192 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:34:31.0680 3192 ql40xx - ok
11:34:31.0720 3192 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
11:34:31.0757 3192 QWAVE - ok
11:34:31.0786 3192 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:34:31.0813 3192 QWAVEdrv - ok
11:34:31.0848 3192 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:34:31.0890 3192 RasAcd - ok
11:34:31.0918 3192 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
11:34:31.0943 3192 RasAuto - ok
11:34:31.0959 3192 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:34:31.0985 3192 Rasl2tp - ok
11:34:32.0026 3192 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
11:34:32.0078 3192 RasMan - ok
11:34:32.0108 3192 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
11:34:32.0150 3192 RasPppoe - ok
11:34:32.0189 3192 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
11:34:32.0234 3192 RasSstp - ok
11:34:32.0273 3192 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
11:34:32.0312 3192 rdbss - ok
11:34:32.0364 3192 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:34:32.0402 3192 RDPCDD - ok
11:34:32.0441 3192 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
11:34:32.0464 3192 rdpdr - ok
11:34:32.0486 3192 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:34:32.0530 3192 RDPENCDD - ok
11:34:32.0567 3192 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
11:34:32.0591 3192 RDPWD - ok
11:34:32.0633 3192 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
11:34:32.0656 3192 RemoteAccess - ok
11:34:32.0692 3192 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
11:34:32.0718 3192 RemoteRegistry - ok
11:34:32.0732 3192 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
11:34:32.0762 3192 RpcLocator - ok
11:34:32.0821 3192 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\System32\rpcss.dll
11:34:32.0840 3192 RpcSs - ok
11:34:32.0876 3192 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:34:32.0918 3192 rspndr - ok
11:34:32.0960 3192 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:34:32.0973 3192 SamSs - ok
11:34:33.0009 3192 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:34:33.0017 3192 sbp2port - ok
11:34:33.0063 3192 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
11:34:33.0129 3192 SCardSvr - ok
11:34:33.0196 3192 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
11:34:33.0232 3192 Schedule - ok
11:34:33.0268 3192 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
11:34:33.0294 3192 SCPolicySvc - ok
11:34:33.0313 3192 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
11:34:33.0358 3192 SDRSVC - ok
11:34:33.0388 3192 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:34:33.0467 3192 secdrv - ok
11:34:33.0518 3192 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
11:34:33.0559 3192 seclogon - ok
11:34:33.0592 3192 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
11:34:33.0621 3192 SENS - ok
11:34:33.0657 3192 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
11:34:33.0733 3192 Serenum - ok
11:34:33.0781 3192 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
11:34:33.0833 3192 Serial - ok
11:34:33.0861 3192 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:34:33.0887 3192 sermouse - ok
11:34:33.0947 3192 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
11:34:33.0999 3192 SessionEnv - ok
11:34:34.0030 3192 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
11:34:34.0064 3192 sffdisk - ok
11:34:34.0097 3192 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
11:34:34.0123 3192 sffp_mmc - ok
11:34:34.0186 3192 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
11:34:34.0232 3192 sffp_sd - ok
11:34:34.0256 3192 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:34:34.0322 3192 sfloppy - ok
11:34:34.0374 3192 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
11:34:34.0424 3192 SharedAccess - ok
11:34:34.0475 3192 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
11:34:34.0515 3192 ShellHWDetection - ok
11:34:34.0572 3192 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
11:34:34.0581 3192 sisagp - ok
11:34:34.0608 3192 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
11:34:34.0616 3192 SiSRaid2 - ok
11:34:34.0636 3192 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
11:34:34.0645 3192 SiSRaid4 - ok
11:34:34.0773 3192 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
11:34:34.0900 3192 slsvc - ok
11:34:35.0018 3192 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
11:34:35.0048 3192 SLUINotify - ok
11:34:35.0091 3192 SmartDefragDriver - ok
11:34:35.0120 3192 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
11:34:35.0158 3192 Smb - ok
11:34:35.0197 3192 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
11:34:35.0210 3192 SNMPTRAP - ok
11:34:35.0233 3192 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:34:35.0241 3192 spldr - ok
11:34:35.0300 3192 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
11:34:35.0353 3192 Spooler - ok
11:34:35.0406 3192 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
11:34:35.0435 3192 srv - ok
11:34:35.0482 3192 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
11:34:35.0511 3192 srv2 - ok
11:34:35.0546 3192 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
11:34:35.0577 3192 srvnet - ok
11:34:35.0626 3192 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
11:34:35.0658 3192 SSDPSRV - ok
11:34:35.0690 3192 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
11:34:35.0721 3192 SstpSvc - ok
11:34:35.0795 3192 Steam Client Service - ok
11:34:35.0831 3192 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
11:34:35.0858 3192 stisvc - ok
11:34:35.0893 3192 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
11:34:35.0902 3192 swenum - ok
11:34:35.0938 3192 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
11:34:35.0982 3192 swprv - ok
11:34:36.0041 3192 sxuptp (86083b04dc2b90397f4b47add6eaa407) C:\Windows\system32\DRIVERS\sxuptp.sys
11:34:36.0052 3192 sxuptp - ok
11:34:36.0083 3192 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:34:36.0091 3192 Symc8xx - ok
11:34:36.0140 3192 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:34:36.0154 3192 Sym_hi - ok
11:34:36.0199 3192 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:34:36.0214 3192 Sym_u3 - ok
11:34:36.0285 3192 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
11:34:36.0374 3192 SysMain - ok
11:34:36.0451 3192 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
11:34:36.0499 3192 TabletInputService - ok
11:34:36.0547 3192 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
11:34:36.0626 3192 TapiSrv - ok
11:34:36.0667 3192 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
11:34:36.0706 3192 TBS - ok
11:34:36.0759 3192 Tcpip (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
11:34:36.0783 3192 Tcpip - ok
11:34:36.0801 3192 Tcpip6 (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
11:34:36.0845 3192 Tcpip6 - ok
11:34:36.0905 3192 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
11:34:36.0943 3192 tcpipreg - ok
11:34:36.0971 3192 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:34:37.0019 3192 TDPIPE - ok
11:34:37.0051 3192 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:34:37.0074 3192 TDTCP - ok
11:34:37.0112 3192 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
11:34:37.0146 3192 tdx - ok
11:34:37.0172 3192 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
11:34:37.0180 3192 TermDD - ok
11:34:37.0226 3192 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
11:34:37.0258 3192 TermService - ok
11:34:37.0316 3192 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
11:34:37.0332 3192 Themes - ok
11:34:37.0359 3192 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:34:37.0386 3192 THREADORDER - ok
11:34:37.0426 3192 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
11:34:37.0454 3192 TrkWks - ok
11:34:37.0553 3192 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
11:34:37.0591 3192 TrustedInstaller - ok
11:34:37.0641 3192 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:34:37.0668 3192 tssecsrv - ok
11:34:37.0707 3192 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:34:37.0756 3192 tunmp - ok
11:34:37.0796 3192 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
11:34:37.0825 3192 tunnel - ok
11:34:37.0853 3192 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
11:34:37.0862 3192 uagp35 - ok
11:34:37.0920 3192 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
11:34:37.0949 3192 udfs - ok
11:34:37.0994 3192 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
11:34:38.0026 3192 UI0Detect - ok
11:34:38.0058 3192 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
11:34:38.0067 3192 uliagpkx - ok
11:34:38.0101 3192 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
11:34:38.0113 3192 uliahci - ok
11:34:38.0144 3192 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:34:38.0153 3192 UlSata - ok
11:34:38.0176 3192 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:34:38.0185 3192 ulsata2 - ok
11:34:38.0217 3192 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:34:38.0239 3192 umbus - ok
11:34:38.0264 3192 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
11:34:38.0290 3192 upnphost - ok
11:34:38.0321 3192 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:34:38.0339 3192 usbccgp - ok
11:34:38.0369 3192 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:34:38.0428 3192 usbcir - ok
11:34:38.0465 3192 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
11:34:38.0486 3192 usbehci - ok
11:34:38.0509 3192 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
11:34:38.0550 3192 usbhub - ok
11:34:38.0574 3192 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
11:34:38.0596 3192 usbohci - ok
11:34:38.0626 3192 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:34:38.0661 3192 usbprint - ok
11:34:38.0699 3192 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
11:34:38.0729 3192 usbscan - ok
11:34:38.0764 3192 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:34:38.0787 3192 USBSTOR - ok
11:34:38.0820 3192 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:34:38.0837 3192 usbuhci - ok
11:34:38.0875 3192 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
11:34:38.0901 3192 UxSms - ok
11:34:38.0935 3192 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
11:34:38.0990 3192 vds - ok
11:34:39.0021 3192 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
11:34:39.0062 3192 vga - ok
11:34:39.0089 3192 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:34:39.0137 3192 VgaSave - ok
11:34:39.0183 3192 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
11:34:39.0192 3192 viaagp - ok
11:34:39.0226 3192 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
11:34:39.0265 3192 ViaC7 - ok
11:34:39.0299 3192 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
11:34:39.0307 3192 viaide - ok
11:34:39.0343 3192 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:34:39.0351 3192 volmgr - ok
11:34:39.0383 3192 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
11:34:39.0396 3192 volmgrx - ok
11:34:39.0425 3192 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
11:34:39.0439 3192 volsnap - ok
11:34:39.0488 3192 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
11:34:39.0498 3192 vsmraid - ok
11:34:39.0575 3192 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
11:34:39.0649 3192 VSS - ok
11:34:39.0687 3192 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
11:34:39.0721 3192 W32Time - ok
11:34:39.0785 3192 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:34:39.0839 3192 WacomPen - ok
11:34:39.0875 3192 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:34:39.0915 3192 Wanarp - ok
11:34:39.0925 3192 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:34:39.0947 3192 Wanarpv6 - ok
11:34:40.0006 3192 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
11:34:40.0043 3192 wcncsvc - ok
11:34:40.0068 3192 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
11:34:40.0115 3192 WcsPlugInService - ok
11:34:40.0165 3192 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
11:34:40.0173 3192 Wd - ok
11:34:40.0224 3192 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:34:40.0249 3192 Wdf01000 - ok
11:34:40.0278 3192 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:34:40.0324 3192 WdiServiceHost - ok
11:34:40.0337 3192 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:34:40.0368 3192 WdiSystemHost - ok
11:34:40.0402 3192 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
11:34:40.0433 3192 WebClient - ok
11:34:40.0490 3192 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
11:34:40.0526 3192 Wecsvc - ok
11:34:40.0553 3192 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
11:34:40.0587 3192 wercplsupport - ok
11:34:40.0640 3192 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
11:34:40.0691 3192 WerSvc - ok
11:34:40.0789 3192 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
11:34:40.0812 3192 WinDefend - ok
11:34:40.0911 3192 WinHttpAutoProxySvc - ok
11:34:40.0975 3192 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
11:34:41.0016 3192 Winmgmt - ok
11:34:41.0090 3192 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
11:34:41.0200 3192 WinRM - ok
11:34:41.0316 3192 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
11:34:41.0381 3192 Wlansvc - ok
11:34:41.0490 3192 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:34:41.0537 3192 wlidsvc - ok
11:34:41.0657 3192 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
11:34:41.0697 3192 WmiAcpi - ok
11:34:41.0764 3192 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
11:34:41.0790 3192 wmiApSrv - ok
11:34:41.0899 3192 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
11:34:41.0978 3192 WMPNetworkSvc - ok
11:34:42.0068 3192 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
11:34:42.0100 3192 WPCSvc - ok
11:34:42.0125 3192 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
11:34:42.0181 3192 WPDBusEnum - ok
11:34:42.0247 3192 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
11:34:42.0267 3192 WpdUsb - ok
11:34:42.0424 3192 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:34:42.0465 3192 WPFFontCache_v0400 - ok
11:34:42.0519 3192 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:34:42.0560 3192 ws2ifsl - ok
11:34:42.0616 3192 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\system32\wscsvc.dll
11:34:42.0648 3192 wscsvc - ok
11:34:42.0658 3192 WSearch - ok
11:34:42.0784 3192 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
11:34:42.0835 3192 wuauserv - ok
11:34:42.0970 3192 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:34:42.0994 3192 WUDFRd - ok
11:34:43.0037 3192 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
11:34:43.0076 3192 wudfsvc - ok
11:34:43.0114 3192 MBR (0x1B8) (3f52334f255df9dc66b0111a308bfa16) \Device\Harddisk0\DR0
11:34:46.0096 3192 \Device\Harddisk0\DR0 - ok
11:34:46.0104 3192 Boot (0x1200) (511cc90714189d8c057ba05c206eed02) \Device\Harddisk0\DR0\Partition0
11:34:46.0105 3192 \Device\Harddisk0\DR0\Partition0 - ok
11:34:46.0109 3192 ============================================================
11:34:46.0109 3192 Scan finished
11:34:46.0109 3192 ============================================================
11:34:46.0124 2760 Detected object count: 9
11:34:46.0124 2760 Actual detected object count: 9
11:35:52.0023 2760 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:52.0023 2760 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:52.0029 2760 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:52.0029 2760 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:52.0034 2760 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:52.0035 2760 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:52.0043 2760 DrvAgent32 ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:52.0043 2760 DrvAgent32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:52.0049 2760 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:52.0049 2760 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:52.0057 2760 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:52.0057 2760 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:52.0063 2760 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:52.0063 2760 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:52.0071 2760 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:52.0071 2760 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:52.0077 2760 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:52.0077 2760 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#9
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.03.05

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
fred :: FRED-PC [administrator]

7/3/2012 11:40:34 AM
mbam-log-2012-07-03 (11-40-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232767
Time elapsed: 6 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#10
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
OTL logfile created on: 7/3/2012 11:48:55 AM - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\fred\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.9e.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.05 Gb Total Space | 42.51 Gb Free Space | 30.57% Space Free | Partition Type: NTFS

Computer Name: FRED-PC | User Name: fred | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/02 16:25:09 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\fred\Desktop\OTL.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/28 05:28:56 | 000,438,296 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppgooglenaclpluginchrome.dll
MOD - [2012/06/28 05:28:54 | 003,972,120 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
MOD - [2012/06/28 05:27:40 | 000,554,520 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\libglesv2.dll
MOD - [2012/06/28 05:27:38 | 000,117,784 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\libegl.dll
MOD - [2012/06/28 05:27:29 | 000,140,328 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\avutil-51.dll
MOD - [2012/06/28 05:27:28 | 000,262,184 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\avformat-54.dll
MOD - [2012/06/28 05:27:26 | 002,386,984 | ---- | M] () -- C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll
MOD - [2010/07/04 16:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (osppsvc)
SRV - File not found [Auto | Stopped] -- -- (AMPingService)
SRV - [2012/06/03 21:18:05 | 000,529,232 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/15 05:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/04 15:28:10 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/07 15:32:23 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/03/04 08:10:55 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2008/11/18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/07/22 21:14:28 | 000,012,800 | ---- | M] (Agere Systems) [Disabled | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/06/11 13:18:30 | 000,024,576 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- -- (SmartDefragDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\fred\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\fred\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012/06/09 10:45:20 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2012/05/15 05:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2010/03/10 16:56:21 | 000,247,320 | ---- | M] (silex technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\sxuptp.sys -- (sxuptp)
DRV - [2010/02/24 14:11:40 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/10/16 03:11:56 | 001,168,896 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2009/03/28 08:38:00 | 000,034,128 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2008/08/18 19:58:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/07/22 21:14:24 | 001,203,808 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/06/11 13:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACEW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/?ref=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{76E9350E-0392-9C19-F83A-99BC015260AF}: "URL" = http://www.bing.com/...039&form=ZGAIDF
IE - HKCU\..\SearchScopes\Yahoo!: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@comrade.gamespy.com/comrade: C:\Program Files\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@dimdim.com/DimdimPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer,version=1.18.9: C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realarcade.com/RAClient: C:\ProgramData\RealArcade\npraclient.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.2.0.88: C:\Program Files\Musicnotes\npsibelius.dll ()
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\fred\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\fred\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\fred\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\fred\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\fred\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\mattelinc.com/HotWheelsLoader: C:\Users\fred\AppData\Local\sswat_hwrc_win_live\npHotWheelsLoader.dll (Mattel, Inc)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/25 22:35:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/25 22:35:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/12/01 23:52:15 | 000,000,000 | ---D | M]

[2011/12/11 17:52:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fred\AppData\Roaming\Mozilla\Extensions
[2012/07/03 09:29:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/04/03 11:43:24 | 000,000,000 | ---D | M] (The Browser Highlighter) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/12/04 14:23:34 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/08/17 19:39:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2000/01/01 03:00:00 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2009/03/30 17:13:54 | 000,098,304 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npraclient.dll

========== Chrome ==========

CHR - default_search_provider: images.search.yahoo.com (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\fred\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\fred\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\fred\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\fred\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\fred\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Comrade Plugin (Enabled) = C:\Program Files\GameSpy\Comrade\npcomrade.dll
CHR - plugin: Musicnotes (Enabled) = C:\Program Files\Musicnotes\npmusicn.dll
CHR - plugin: ScorchPlugin (Enabled) = C:\Program Files\Musicnotes\npsibelius.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation®Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll
CHR - plugin: RealArcade NPAPI Plugin (Enabled) = C:\ProgramData\RealArcade\npraclient.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\fred\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\fred\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: HotWheels Loader (Enabled) = C:\Users\fred\AppData\Local\sswat_hwrc_win_live\npHotWheelsLoader.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/03 09:54:16 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72503EEE-C220-4622-AD9A-2EFD31CB7797}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\fred\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\fred\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found
MsConfig - StartUpFolder: C:^Users^fred^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip - Reg Error: Value error. - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: Comrade.exe - hkey= - key= - C:\Program Files\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\fred\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: Mattel HWRC Launcher - hkey= - key= - C:\Users\fred\AppData\Local\sswat_hwrc_win_live\mattelhwrc_launcher.exe ()
MsConfig - StartUpReg: MusicManager - hkey= - key= - C:\Users\fred\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
MsConfig - StartUpReg: P17RunE - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: UnlockerAssistant - hkey= - key= - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
MsConfig - StartUpReg: UpdReg - hkey= - key= - C:\Windows\Updreg.EXE (Creative Technology Ltd.)
MsConfig - StartUpReg: USB Storage Toolbox - hkey= - key= - C:\Windows\UMStor\Res.exe (ali)
MsConfig - StartUpReg: VolPanel - hkey= - key= - C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "startup" - 1
MsConfig - State: "services" - 1

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6D32E673-A32C-7588-C820-96CC9205BB6E} - Themes Setup
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.3IV2 - C:\Windows\System32\3ivxVfWCodec_dec.dll (3ivx.com)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/03 11:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/03 11:39:44 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/07/03 11:39:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/07/03 10:48:41 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\fred\Desktop\tdsskiller.exe
[2012/07/03 09:58:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/03 09:58:01 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/03 09:58:01 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Local\temp
[2012/07/03 09:41:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/07/03 09:41:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/07/03 09:41:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/07/03 09:41:01 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/03 09:36:27 | 004,568,951 | R--- | C] (Swearware) -- C:\Users\fred\Desktop\ComboFix.exe
[2012/07/03 09:33:09 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\fred\Desktop\aswMBR.exe
[2012/07/03 09:29:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/02 16:25:07 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\fred\Desktop\OTL.exe
[2012/06/29 00:44:20 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\aliasworlds
[2012/06/29 00:42:57 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kingdom Chronicles Collector's Edition
[2012/06/29 00:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Chronicles Collector's Edition
[2012/06/29 00:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Kingdom Chronicles Collector's Edition
[2012/06/28 15:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/06/28 14:01:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/28 13:58:46 | 000,453,424 | ---- | C] (Microsoft Corporation) -- C:\Users\fred\Desktop\IE9-WindowsVista-x86-enu.exe
[2012/06/28 13:12:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2012/06/28 02:52:40 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2012/06/28 02:13:31 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Defrag
[2012/06/28 02:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Defrag
[2012/06/28 02:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Defrag
[2012/06/28 01:56:35 | 000,000,000 | ---D | C] -- C:\Program Files\OApps
[2012/06/28 01:48:49 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\FixCleaner
[2012/06/28 01:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\FixCleaner
[2012/06/28 00:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpaceMonger
[2012/06/28 00:21:11 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\SpaceMonger
[2012/06/28 00:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\SpaceMonger
[2012/06/28 00:12:11 | 000,000,000 | ---D | C] -- C:\Users\fred\Desktop\New Folder
[2012/06/25 23:10:00 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Pokémon Trading Card Game Online
[2012/06/25 22:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/06/21 16:52:41 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2012/06/18 13:42:57 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\f-secure
[2012/06/18 13:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2012/06/14 20:17:29 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2012/06/14 20:17:29 | 011,354,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2012/06/14 20:17:28 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2012/06/14 20:17:28 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2012/06/14 20:17:28 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2012/06/14 20:17:28 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2012/06/09 10:45:20 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\Windows\System32\drivers\DrvAgent32.sys
[2012/06/09 10:45:20 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Local\eSupport.com
[2012/06/04 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\WeatherLord
[2012/06/04 18:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WeatherLord
[2012/06/04 18:00:24 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Lord
[2012/06/04 18:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weather Lord
[2012/06/04 18:00:24 | 000,000,000 | ---D | C] -- C:\Program Files\Weather Lord
[2012/06/04 17:33:49 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Roaming\Rainbow
[2012/06/03 12:25:37 | 000,000,000 | ---D | C] -- C:\Users\fred\AppData\Local\CutePDF Writer
[2012/06/03 12:22:48 | 000,000,000 | ---D | C] -- C:\Program Files\Acro Software

========== Files - Modified Within 30 Days ==========

[2012/07/03 11:39:45 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/03 11:31:43 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 11:31:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 11:28:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/03 11:01:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286577877-1167854462-976776892-1000Core.job
[2012/07/03 11:01:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286577877-1167854462-976776892-1000UA.job
[2012/07/03 10:48:50 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\fred\Desktop\tdsskiller.exe
[2012/07/03 10:47:13 | 000,000,512 | ---- | M] () -- C:\Users\fred\Desktop\MBR.dat
[2012/07/03 09:54:16 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/07/03 09:37:07 | 004,568,951 | R--- | M] (Swearware) -- C:\Users\fred\Desktop\ComboFix.exe
[2012/07/03 09:33:33 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\fred\Desktop\aswMBR.exe
[2012/07/03 09:31:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/02 22:24:52 | 000,002,748 | ---- | M] () -- C:\Users\fred\profiles.xml
[2012/07/02 18:00:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\next.job
[2012/07/02 16:25:09 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\fred\Desktop\OTL.exe
[2012/07/02 13:16:01 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DF351888-2C7F-48D3-8BA2-401173E31F50}.job
[2012/07/01 21:16:53 | 000,002,072 | ---- | M] () -- C:\Users\fred\Desktop\Google Chrome.lnk
[2012/07/01 21:16:53 | 000,002,034 | ---- | M] () -- C:\Users\fred\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/07/01 20:37:40 | 000,000,882 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/06/29 00:43:48 | 000,035,369 | ---- | M] () -- C:\Windows\wininit.ini
[2012/06/29 00:43:44 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Play Kingdom Chronicles Collector's Edition.lnk
[2012/06/29 00:43:44 | 000,001,600 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/06/28 13:58:50 | 000,453,424 | ---- | M] (Microsoft Corporation) -- C:\Users\fred\Desktop\IE9-WindowsVista-x86-enu.exe
[2012/06/28 03:07:43 | 000,002,234 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/06/28 02:36:34 | 000,264,771 | ---- | M] () -- C:\Users\fred\AppData\Local\census.cache
[2012/06/28 02:36:27 | 000,187,966 | ---- | M] () -- C:\Users\fred\AppData\Local\ars.cache
[2012/06/28 02:13:31 | 000,000,861 | ---- | M] () -- C:\Users\fred\Desktop\Eusing Free Registry Defrag.lnk
[2012/06/28 01:38:59 | 000,275,629 | ---- | M] () -- C:\Windows\Let's Clean Up! Plus Uninstaller.exe
[2012/06/25 22:35:52 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/06/25 22:35:27 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012/06/25 22:35:19 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012/06/25 22:35:19 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012/06/21 16:52:41 | 000,000,312 | ---- | M] () -- C:\Users\fred\Desktop\Curse Client.appref-ms
[2012/06/09 10:46:04 | 000,000,950 | ---- | M] () -- C:\Users\fred\Desktop\Find Drivers with DriverAgent.lnk
[2012/06/09 10:45:20 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\Windows\System32\drivers\DrvAgent32.sys
[2012/06/05 16:21:17 | 000,541,961 | ---- | M] () -- C:\Users\fred\Desktop\heart-wallpaper-love-10959423-1280-1024.jpg
[2012/06/04 18:00:54 | 000,001,733 | ---- | M] () -- C:\Users\Public\Desktop\Play Weather Lord.lnk
[2012/06/03 12:35:10 | 036,956,558 | ---- | M] () -- C:\Users\fred\Documents\Easyunsecured.pdf

========== Files Created - No Company Name ==========

[2012/07/03 11:39:45 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/03 10:47:13 | 000,000,512 | ---- | C] () -- C:\Users\fred\Desktop\MBR.dat
[2012/07/03 09:41:29 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/03 09:41:29 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/03 09:41:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/03 09:41:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/03 09:41:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/29 09:22:56 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ Medieval.lnk
[2012/06/29 00:43:44 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Play Kingdom Chronicles Collector's Edition.lnk
[2012/06/29 00:43:44 | 000,001,600 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/06/28 02:13:31 | 000,000,861 | ---- | C] () -- C:\Users\fred\Desktop\Eusing Free Registry Defrag.lnk
[2012/06/25 22:35:52 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/06/09 10:46:04 | 000,000,950 | ---- | C] () -- C:\Users\fred\Desktop\Find Drivers with DriverAgent.lnk
[2012/06/05 16:21:36 | 000,541,961 | ---- | C] () -- C:\Users\fred\Desktop\heart-wallpaper-love-10959423-1280-1024.jpg
[2012/06/04 18:00:54 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\Play Weather Lord.lnk
[2012/06/03 12:36:21 | 036,956,558 | ---- | C] () -- C:\Users\fred\Documents\Easyunsecured.pdf
[2012/03/03 19:07:09 | 000,001,463 | ---- | C] () -- C:\Windows\System32\AudioDrv.ini
[2012/03/03 19:05:08 | 000,166,912 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012/03/03 19:05:08 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012/02/22 08:50:57 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2012/02/18 22:37:41 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/12/26 22:26:43 | 000,275,629 | ---- | C] () -- C:\Windows\Let's Clean Up! Plus Uninstaller.exe
[2011/12/21 18:09:35 | 000,148,928 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011/12/21 18:09:20 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011/12/06 22:16:07 | 000,264,771 | ---- | C] () -- C:\Users\fred\AppData\Local\census.cache
[2011/12/06 22:15:43 | 000,187,966 | ---- | C] () -- C:\Users\fred\AppData\Local\ars.cache
[2011/12/06 21:06:12 | 000,000,036 | ---- | C] () -- C:\Users\fred\AppData\Local\housecall.guid.cache
[2011/10/06 21:22:35 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/09/20 23:58:48 | 000,002,748 | ---- | C] () -- C:\Users\fred\profiles.xml
[2011/09/03 11:52:13 | 000,000,218 | ---- | C] () -- C:\Users\fred\.recently-used.xbel.USWK1V
[2011/07/20 12:29:56 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/04 11:36:26 | 000,000,127 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/02 19:48:00 | 000,000,008 | ---- | C] () -- C:\Users\fred\AppData\Roaming\DofusAppId0_1
[2011/03/02 18:33:28 | 000,000,169 | ---- | C] () -- C:\Users\fred\AppData\Roaming\D2Info0
[2011/03/02 18:33:28 | 000,000,008 | ---- | C] () -- C:\Users\fred\AppData\Roaming\DofusAppId0_2
[2011/02/14 20:54:50 | 000,000,552 | ---- | C] () -- C:\Users\fred\AppData\Local\d3d8caps.dat
[2010/11/28 22:24:08 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010/11/01 16:21:17 | 000,002,048 | ---- | C] () -- C:\Users\fred\writeordiesettings.db
[2010/07/05 18:35:47 | 000,000,050 | ---- | C] () -- C:\Users\fred\jagex__preferences3.dat
[2010/07/05 18:35:46 | 000,000,117 | ---- | C] () -- C:\Users\fred\jagex_runescape_preferences2.dat
[2010/07/05 18:34:29 | 000,000,046 | ---- | C] () -- C:\Users\fred\jagex_runescape_preferences.dat
[2009/11/03 23:32:43 | 000,034,800 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/11/03 22:46:48 | 000,034,800 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/10/14 15:00:07 | 000,000,680 | ---- | C] () -- C:\Users\fred\AppData\Local\d3d9caps.dat
[2009/06/09 16:02:28 | 000,000,000 | -H-- | C] () -- C:\ProgramData\pjwllw
[2009/06/01 15:39:00 | 000,000,000 | ---- | C] () -- C:\Users\fred\AppData\Local\prvlcl.dat
[2009/04/16 19:00:21 | 000,001,458 | ---- | C] () -- C:\Users\fred\.recently-used.xbel
[2009/03/21 11:35:03 | 000,000,092 | ---- | C] () -- C:\Users\fred\AppData\Local\fusioncache.dat
[2009/03/06 22:25:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/12/13 21:01:14 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2008/12/01 17:41:16 | 000,870,128 | ---- | C] () -- C:\Users\fred\AppData\Roaming\mcs.rma
[2008/11/05 02:11:44 | 000,022,528 | ---- | C] () -- C:\Users\fred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/01/03 16:35:38 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\A2 Entertainment
[2011/01/20 22:56:15 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Academagia
[2008/11/06 01:48:11 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Acreon
[2011/05/08 10:59:24 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Adobe
[2011/12/06 21:07:29 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Alawar
[2012/04/10 00:38:38 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Alawar Entertainment
[2012/06/29 00:44:20 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\aliasworlds
[2010/12/21 16:16:26 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Amaranth Games
[2011/12/05 20:14:14 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Amazon
[2012/03/27 00:15:57 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Anino Games
[2010/05/09 20:37:01 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Apple Computer
[2012/04/12 22:23:26 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Artifex Mundi
[2009/11/19 18:36:28 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Atari
[2011/01/11 21:24:15 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Aveyond 3
[2010/05/09 20:47:10 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\AVS4YOU
[2011/09/21 12:01:58 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Azureus
[2010/04/06 20:24:40 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\BabyPanda.AE596E2C895946753C836133BB20D7D0CC6BAC08.1
[2012/04/02 22:09:17 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Big Fish Games
[2012/04/16 23:42:50 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\BigFishGames
[2010/09/03 19:30:40 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\blg
[2010/09/03 19:40:37 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Boolat Games
[2009/06/12 17:48:53 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Boomzap
[2011/12/15 15:30:29 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\BowWow
[2011/01/13 18:57:10 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Brunhilda_real
[2011/12/06 21:03:25 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\casualArts
[2009/07/16 13:28:00 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Coding4Fun
[2010/11/01 16:21:18 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\com.drwicked.writeordie.WriteorDieDesktop.6612D25620E961818EB6367A60EAB552BE4CD874.1
[2012/03/03 19:18:16 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Creative
[2010/01/21 01:47:06 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\cronometer
[2008/11/10 13:28:59 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\CyberLink
[2011/10/26 21:00:32 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\dekovir
[2010/11/28 21:50:44 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\DeviceDoctorSoftware
[2010/10/16 13:30:51 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\dimdim
[2011/11/29 14:23:19 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\DivoGames
[2011/03/02 19:51:14 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Dofus 2
[2011/03/02 18:33:28 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/03/02 19:48:00 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/09/23 12:29:14 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Electronic Arts
[2012/06/18 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\f-secure
[2011/10/27 14:13:21 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\FamilyVacationCalifornia
[2012/06/28 01:53:08 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\FixCleaner
[2010/05/09 20:51:25 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\FreeAudioPack
[2012/01/11 14:52:30 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Friday's games
[2009/08/20 22:28:14 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\FUJIFILM
[2012/01/10 13:11:12 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Gaijin Ent
[2011/01/13 20:51:10 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\GameHouse
[2011/12/06 19:23:19 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\GameInvest
[2008/12/10 21:07:35 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Gamelab
[2010/09/21 18:59:54 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Ghost Ship Studios
[2012/01/11 15:41:46 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Go-Go Gourmet Chef of the Year
[2009/11/30 15:10:01 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\GOA
[2008/11/06 01:47:01 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Google
[2011/06/30 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\GreenSauceGames
[2009/04/16 19:00:21 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\gtk-2.0
[2012/04/01 22:14:30 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Happy Artist Studio
[2012/03/27 00:06:10 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Happy Chef
[2009/08/04 21:20:42 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Home Sweet Home
[2011/12/25 00:03:45 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Hotdog Hotshot
[2011/12/22 00:02:58 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\HP
[2011/12/25 11:27:37 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\HpUpdate
[2011/08/22 15:17:00 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\HTML Executable
[2008/11/05 01:57:16 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Identities
[2009/04/13 15:28:25 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\iLike
[2011/12/22 00:09:32 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Image Zone Express
[2009/08/20 22:28:08 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\InstallShield
[2011/07/13 22:47:29 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\IObit
[2011/12/06 12:58:36 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Islands
[2011/06/26 13:01:42 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Islands2
[2012/01/08 22:39:05 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Islands3
[2010/05/09 19:51:36 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\iTunes Agent
[2009/04/07 13:34:07 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\iWin
[2009/06/10 11:05:32 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\LimeWire
[2011/09/15 22:43:10 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Ludia
[2008/11/05 13:13:30 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Macromedia
[2012/06/28 14:01:30 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Malwarebytes
[2012/04/01 22:50:21 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Maximize Games
[2011/11/29 12:54:06 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\MegaplexMadnessSummerBlockbuster
[2011/10/08 11:17:20 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Meridian93
[2010/04/02 00:34:14 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Merscom
[2012/06/28 02:43:57 | 000,000,000 | --SD | M] -- C:\Users\fred\AppData\Roaming\Microsoft
[2011/12/05 15:41:03 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\minimem
[2010/09/15 15:39:25 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\MMOUI
[2012/06/26 03:03:45 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Mozilla
[2009/05/30 20:41:55 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\MozillaControl
[2011/07/27 11:43:00 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\MyTunesRSS4
[2011/09/21 11:57:30 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Namco
[2011/12/06 13:58:42 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\NevoSoft
[2011/09/22 14:10:02 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Norseman Games
[2011/12/21 22:57:03 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\NVIDIA
[2010/05/28 17:43:31 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\OverDrive
[2011/08/24 19:25:25 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\PathToSuccess
[2012/04/03 23:57:17 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\PlayFirst
[2011/10/27 14:27:58 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\playmink
[2012/01/05 20:00:28 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Playrix Entertainment
[2010/08/27 19:53:15 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Pogo Games
[2012/06/25 23:11:51 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Pokémon Trading Card Game Online
[2011/12/22 00:09:32 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Printer Info Cache
[2011/08/17 19:49:44 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\ProfitUI Reborn Updater
[2010/12/05 20:15:00 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\QuickStoresToolbar
[2012/06/04 17:33:49 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Rainbow
[2009/08/20 22:16:51 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\RayV
[2012/06/25 22:36:01 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Real
[2011/10/09 08:29:47 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Realore_Whiterra Roads Of Rome 3
[2011/03/02 18:33:34 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/12/05 11:55:00 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Registry Mechanic
[2011/02/08 20:12:24 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Relentless Software
[2012/01/05 21:12:42 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\RenPy
[2009/10/27 22:20:45 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\runic games
[2011/11/26 13:23:15 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Schoolhouse Technologies
[2009/08/03 21:32:14 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\SecondLife
[2010/07/01 16:43:39 | 000,000,000 | RH-D | M] -- C:\Users\fred\AppData\Roaming\SecuROM
[2010/03/14 12:28:45 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\ShinyTales
[2012/05/20 10:33:26 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Shop'NCook Menu
[2011/01/22 19:46:25 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Sibelius Software
[2010/02/24 11:41:35 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\skypePM
[2011/06/28 20:58:22 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Sony
[2012/02/22 09:00:55 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Sony Network Entertainment International LLC
[2010/10/19 21:07:29 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Spacejock Software
[2012/06/28 00:21:11 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\SpaceMonger
[2011/01/11 00:06:06 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Spark Plug Games
[2012/01/09 16:02:34 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Stand O'Food 3
[2011/03/02 16:36:26 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\StormFront
[2012/06/03 16:16:09 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\SulusGames
[2008/11/07 14:22:25 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Symantec
[2011/12/19 21:00:32 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\SystemRequirementsLab
[2011/10/06 10:48:43 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Thunderbird
[2009/04/03 21:26:02 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\TimeQuest
[2010/07/28 12:32:24 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Uniblue
[2009/12/21 02:57:28 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Unity
[2011/09/12 09:40:09 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\uTorrent
[2012/04/01 22:17:21 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Valusoft
[2011/05/04 16:49:53 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Vasilek Games
[2011/10/11 20:30:15 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\VC 2 Paradise Resort
[2009/08/06 12:13:19 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Ventrilo
[2011/10/25 10:43:53 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\ViquaSoft
[2009/05/30 20:42:12 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\vlc
[2012/06/04 18:53:48 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\WeatherLord
[2011/12/13 15:28:43 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\WendigoStudios
[2011/01/13 17:05:35 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\WinRAR
[2009/07/16 13:35:16 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Witty
[2011/09/04 04:00:00 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Workrave
[2008/12/01 17:41:05 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\Yahoo!
[2012/04/13 01:54:44 | 000,000,000 | ---D | M] -- C:\Users\fred\AppData\Roaming\YoudaGames

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 21:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\erdnt\cache\atapi.sys
[2008/01/20 21:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/20 21:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 21:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\erdnt\cache\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/01/20 21:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\erdnt\cache\svchost.exe
[2008/01/20 21:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 21:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 21:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe
[2008/01/20 21:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 21:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\erdnt\cache\winlogon.exe
[2008/01/20 21:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/20 21:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\fred\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/06/28 05:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\fred\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/06/28 05:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\fred\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/06/28 05:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\fred\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/06/28 05:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/20 21:33:55 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/20 21:33:55 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/20 21:33:55 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/04/21 10:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\fred\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/06/28 05:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\fred\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/06/28 05:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\fred\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/06/28 05:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\fred\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/06/28 05:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/20 21:33:55 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/20 21:33:55 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/20 21:33:55 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/04/21 10:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:9EC86225
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:900BE829
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:14750D76
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:DDEB08FD
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:538B96B5
@Alternate Data Stream - 257 bytes -> C:\ProgramData\TEMP:A039EDF9
@Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:36608448
@Alternate Data Stream - 240 bytes -> C:\ProgramData\TEMP:371A321E
@Alternate Data Stream - 238 bytes -> C:\ProgramData\TEMP:A2B3764A
@Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:0E67073E
@Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:9D6EAEC3
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:9CF728A6
@Alternate Data Stream - 226 bytes -> C:\ProgramData\TEMP:D0AB0B4A
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:F2CEC0E8
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:5F1019FF
@Alternate Data Stream - 221 bytes -> C:\ProgramData\TEMP:3766E957
@Alternate Data Stream - 220 bytes -> C:\ProgramData\TEMP:E8BF029E
@Alternate Data Stream - 217 bytes -> C:\ProgramData\TEMP:0D52F295
@Alternate Data Stream - 214 bytes -> C:\ProgramData\TEMP:DD629819
@Alternate Data Stream - 214 bytes -> C:\ProgramData\TEMP:6378B6B8
@Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:A4AF8D0D
@Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:723E56EC
@Alternate Data Stream - 200 bytes -> C:\ProgramData\TEMP:18897B1D
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:D987CB43
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:F1F936DF
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:E6B6120A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:6ECD2470
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:41B89F80
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:93F3E4C9
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:EB9EF516
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:E6540C35
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:3A4C8FE7
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:F53B274A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:B790962B
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A819A132
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A652BC99
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0E5CFA74
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:751D6870
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:413E2927
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:0DE96CF5
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:F3591DDB
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:CAF8DAC8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:AE289451
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:35629AE6
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:D770A15D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:9D03192E
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:1BEAD68C
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:F35AE645
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:E9900C74
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:DCA79AB3
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:BB718C46
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:701B92FB
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:7DF1EF45
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:517EFA90
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:3FB71C37
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:0968E571
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:F98E6C67
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4C21784C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:FEECF2C8
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:A1A86E40
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:7E4E56EA
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:F5FC5DCE
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:1A15C0AF
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:D3A89E47
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:5313B881
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:E6EC5C2A
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:C4870D32
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:B1E64E47
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:6DA18708
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:56C66609
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:44E16D4A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:1B3549F2
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:EB5BDBB0
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:92DB4653
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3FAE5A2A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3A4676D7
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:06C34166
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:CFC8A5FD
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1CA73D29
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:10CFA7D4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:C43C957E
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:6BFA43EB
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:014BC3B4
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:E6537A16
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:AED4FFF5
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:96646EC1
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:80E965A3
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:3AC0ED43
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:AEEC88F6
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:417B6FAC
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:04BB186B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:290A724C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:10D45FC3
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:0DFE2AE1
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:0ACF1AF5
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D576A536
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D01ACC06
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:7AF9CAEB
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:73B78E79
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:162E02F7
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:BA24E689
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6DDFD746
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:3C9B05C4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:385BC52C
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:9B2BD056
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:38D2EA83
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:E4EE99EF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:D6DD5F62
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CFF6B3FF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:9857FAE3
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:69FE2EE4
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5D17C178
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:28819F45
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:2216A431
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:1B262C29
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:EA7D76BE
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:48FEA089
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:ADFAD95A
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:A688EF17
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:42478B0E
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:29C0641D
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:EE49CE4E
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:EB68CA55
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:6F1F66C0
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:349E5B74
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:A6CDBCAC
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:041C0562
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:A9ABA3FF
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:393F7B1E
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:07C99568
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C80C7DFB
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:294F888B
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:15752405
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:0BF96601
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:A00BCDEF
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:A561576B
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:423A67E6
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:13DF9DD1
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:A0C7D68A
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:8247A199
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:48081133
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:24E8169B
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:883EDFB5

< End of report >
  • 0

Advertisements


#11
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
OTL Extras logfile created on: 7/3/2012 11:48:55 AM - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\fred\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 51.45% Memory free
3.99 Gb Paging File | 3.06 Gb Available in Paging File | 76.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.05 Gb Total Space | 42.51 Gb Free Space | 30.57% Space Free | Partition Type: NTFS

Computer Name: FRED-PC | User Name: fred | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [SpaceMonger] -- "C:\Program Files\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A83F5BD-592E-4650-A663-6BE241A3C0DB}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{5D96F348-0CCC-4181-A98B-22C74ACE1234}" = rport=10243 | protocol=6 | dir=out | app=system |
"{737F1482-4176-446D-B3C4-4D8BA52A8C59}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7A0618EA-E8AF-4B1C-9F51-CA67E5397065}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7A2A295A-614B-4A96-89B6-811A6147A523}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{84DF02BA-DCB0-4B08-8A98-8EDE6A61C4C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{A0605AEE-335B-470F-ABA2-E298272C9A80}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD9675C5-BD52-4F80-837B-4057C5201F0E}" = lport=49170 | protocol=6 | dir=in | name=akamai netsession interface |
"{ADF0D148-C77B-4300-9C20-E44E2577EA48}" = rport=137 | protocol=17 | dir=out | app=system |
"{B74D8997-D9E6-4CC9-99B7-093E73E7E20E}" = rport=138 | protocol=17 | dir=out | app=system |
"{BED8B44C-4271-4B9B-948B-4A33C6A6558E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF2D0FC4-A040-4148-82A2-CE09FF3A2719}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{BFF4A8DD-84C9-4B5E-A208-4EB0F8BFD720}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C154BA2F-E275-4CFA-A2EA-3BFDDD9C7BBA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D08CF023-482A-4185-ACE0-040507790AF6}" = lport=445 | protocol=6 | dir=in | app=system |
"{D4AE5403-522E-4ADD-9A2A-FCB0F3733FE3}" = rport=139 | protocol=6 | dir=out | app=system |
"{DD0FA6EB-E847-470B-83AD-0EE61277FC3F}" = lport=137 | protocol=17 | dir=in | app=system |
"{E3AE172F-C754-4A31-9B77-80D3A89DABB5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E4BBEF3C-D4D1-4D04-96BF-DD9B0608875E}" = rport=445 | protocol=6 | dir=out | app=system |
"{E5BA6167-A4A9-4350-824E-7CCF29FA0D9E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6DB8724-1254-4E66-8138-3D694B992E5B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{F0E9E94C-5622-49AC-9CCB-356D3C821706}" = lport=138 | protocol=17 | dir=in | app=system |
"{F87AEADF-B270-4C8B-B0AB-A128903C632E}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{FC00C643-3AFA-42FC-A57B-473C2B4DC140}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09DCB448-641A-4F31-9EE9-8AD21C6BC47F}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{0D2100CC-519B-4EB1-8557-C2781896A461}" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"{1144F30F-9B94-4BBD-8B58-CDE9AD0CA767}" = dir=in | app=c:\programdata\dimdim\updater\next.exe |
"{139812A4-C658-403C-A3DE-EC3C5000979A}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{15930563-D1E4-440D-892A-A20A8388A398}" = protocol=17 | dir=in | app=c:\program files\quest online\alganon\launcher.exe |
"{1A7CD7D4-DE07-4415-9621-33A4ABB21AE6}" = protocol=17 | dir=in | app=c:\program files\turbine\turbine download manager\turbinenetworkservice.exe |
"{1B72CEAA-ABD0-4069-80FA-CDB68345D101}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.4.3-to-3.0.2-enus-win-final-downloader.exe |
"{1EC68E49-C274-40A9-9A90-C63B90CEE8D8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{1FE2E1DD-D4C6-48B5-BE33-6ACEA31D0EA0}" = protocol=17 | dir=in | app=c:\program files\turbine\turbine download manager\turbinemessageservice.exe |
"{252C22E7-8B3F-4244-8614-AF8091E64674}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D5DFC4B-334B-44C1-B57A-31FB25C88052}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2E9AADAE-64EB-4F8C-AAD3-0B13B9B09ADD}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3312087D-C0B4-478F-A35D-FCC9A2FC8546}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{3482200B-4610-4A79-98EA-46E8D654852F}" = protocol=17 | dir=in | app=c:\users\fred\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{3AB79E43-1B1D-4F1E-BE42-45FCB6920712}" = protocol=6 | dir=in | app=c:\program files\turbine\turbine download manager\turbinemessageservice.exe |
"{3CB47E12-9CF2-4399-98CD-2C549AD65B68}" = protocol=1 | dir=in | [email protected],-28543 |
"{42280ECB-7F31-4A22-A4FE-389AB228711B}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{4D1D61E1-52A3-403E-9664-3D62B3B80575}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4DB4B4B3-736A-4E27-918E-826B9D25DFC0}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{51B1FA6F-CA62-4637-9314-1EB395AAEC8B}" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"{5992F885-F29F-480E-BC1C-0C52AFD9F133}" = protocol=1 | dir=out | [email protected],-28544 |
"{5A197832-13ED-4C52-90F9-1558C5236ECC}" = protocol=58 | dir=in | [email protected],-28545 |
"{5BA2CE4E-71D4-4E34-BE85-B18417EA7082}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{608F56DA-69CA-4D38-895C-F0074050ACEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{649EC050-D32C-48EC-BB34-76392F7FA764}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6D42850F-B8FF-4271-95D1-D94976B7466A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\recettear\custom.exe |
"{6D8892F3-F703-4EE8-B606-4D1A25228FF4}" = protocol=6 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"{6DCE8360-642C-4843-882D-5F62A3E94432}" = protocol=17 | dir=in | app=c:\program files\quest online\alganon\alganon.exe |
"{6F36A72F-7BE1-4338-AB9D-393FB3F95A1F}" = protocol=17 | dir=in | app=c:\program files\mediamall\mediamallserver.exe |
"{6F394255-AA42-4382-8C00-E5CBC85E862B}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{7158858C-4129-4CF2-BAF0-EE50D52F1F80}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{737CFFA9-F376-4320-9394-79A8B0FB1FDC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{764B5953-FFE3-4844-B88A-E0ADB05A8CAA}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{803CFE89-EFBD-4487-A367-457963B2E339}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{833B0E08-8C6F-4068-A4C6-22AFEC46E0D7}" = protocol=17 | dir=in | app=c:\program files\quest online\alganon\repair.exe |
"{8AD184E9-A7F0-4729-BF84-BF03F9394CC3}" = protocol=6 | dir=in | app=c:\users\fred\appdata\local\akamai\netsession_win.exe |
"{8BC756BD-A43C-495F-A0C3-7CAA68C930AB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8DD171C5-1D66-4F67-894E-004171F39D31}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{9419F7CB-8719-4B05-B756-8F750B6A8AAA}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{9B531658-9070-48DB-9180-2CF4631FF798}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9E9D7B6B-A795-472F-BFAA-393C0ED3CEEA}" = protocol=6 | dir=out | app=system |
"{A172744E-D949-43D1-B806-16E56440A989}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A3FDAEF8-CDB9-47F4-9958-D137A4ED2F13}" = protocol=6 | dir=in | app=c:\users\fred\downloads\ringtonemakersetup.exe |
"{B0CAA51A-6A47-4142-9C70-8D4C628C0CCD}" = protocol=17 | dir=in | app=c:\users\fred\appdata\local\akamai\netsession_win.exe |
"{B2010A89-8FDB-4896-A003-0AAD7F1049CD}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{B4AC1427-DC17-4EEA-89EB-80B7728DCCD0}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B677D02E-F5AF-42C0-A2B5-F993412FB14C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.4.3-to-3.0.2-enus-win-final-downloader.exe |
"{B95332C4-AA21-4A79-BC80-915A871710A3}" = protocol=58 | dir=out | [email protected],-28546 |
"{B9C04B35-4AC1-4BEA-9024-DF367D61AF91}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{BCCE5B68-67E1-4106-91A8-BD90FFFC0653}" = dir=in | app=c:\program files\dimdim\plugin\application\myscreen.exe |
"{C068F171-3E88-4E62-B527-1CC3CBC41E80}" = protocol=6 | dir=in | app=c:\program files\mediamall\mediamallserver.exe |
"{C4847D18-03A7-48FE-B55A-4725A4E4A8BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C8660A5E-8050-451D-A4B8-8AD1E9922B7A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9500D22-F32C-43A6-AAF0-3095539D0345}" = protocol=6 | dir=in | app=c:\users\fred\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{CAB0E85B-F68E-4DC1-A3D7-F3C915D24CF9}" = protocol=17 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"{D0F52579-A979-4CC8-BD66-D0649B00BA9A}" = protocol=6 | dir=in | app=c:\program files\turbine\turbine download manager\turbinenetworkservice.exe |
"{D9398957-27BF-4C2F-B30B-07E31D8C44AA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\recettear\recettear.exe |
"{D9B232BD-B8D9-4A2A-8685-EEBE182AA3EE}" = protocol=17 | dir=in | app=c:\users\fred\downloads\ringtonemakersetup.exe |
"{DE2C340A-C09D-432D-B054-D1FC803A3930}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E420BBE4-62C8-42F7-931C-C9AC215BC936}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\recettear\custom.exe |
"{E5A1206B-B02A-4B91-8A5A-D95F38E0C502}" = protocol=6 | dir=in | app=c:\program files\quest online\alganon\launcher.exe |
"{E76819B0-0FA3-496B-BAC2-B4EF59E58CE2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\recettear\recettear.exe |
"{E876CBD6-4FC1-4800-AA71-B458EBE22961}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EB386BE0-CB2E-4F6B-97C0-A5736A49B31C}" = dir=in | app=c:\program files\dimdim\plugin\application\dimdim.exe |
"{ED2FB5F5-C80D-4874-819D-30EB7CE5B8EC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EF42A712-6E91-4452-A0BA-30CC9ED171E5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F0CBEA4E-EBB3-43A3-A885-113EDBBB2B91}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{F3926AC4-CBD1-474C-8471-8ED76AEB3D63}" = protocol=6 | dir=in | app=c:\program files\quest online\alganon\alganon.exe |
"{F3DC2B15-ED06-4493-AB9D-59A7E34942F5}" = protocol=6 | dir=in | app=c:\program files\quest online\alganon\repair.exe |
"{F424F641-ADD0-4199-86D4-2DE57D80806A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FBD124F2-8497-4330-A88D-EAAA144181EF}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"TCP Query User{17C21111-4D7B-4365-904A-2F269C8691B4}C:\program files\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"TCP Query User{35E2A2F6-4AD9-4E6C-ACCB-9553649C335D}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{3900DBBA-A786-4F16-84F9-F5ED73852786}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{6830759B-E22C-40CF-BABC-BBF694A54853}C:\program files\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"TCP Query User{B0DB6870-1281-4A69-ABB1-450A2B1258CC}C:\program files\mytunesrss\data\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\mytunesrss\data\jre\bin\javaw.exe |
"TCP Query User{B339C977-B866-4B8D-964B-57CC68CFD047}C:\program files\rhapsody\rhapsody.exe" = protocol=6 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"TCP Query User{BA284651-D853-46DB-9C06-69AA0B5C2C5F}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe |
"TCP Query User{D674F884-823D-4B69-B0C9-B6841BCC85A7}C:\program files\atari-infogrames\monopoly tycoon\mc.exe" = protocol=6 | dir=in | app=c:\program files\atari-infogrames\monopoly tycoon\mc.exe |
"TCP Query User{DD1C1CF7-D305-42CB-AF86-ABB3AC0789A6}C:\program files\playonline\squareenix\playonlineviewer\pol.exe" = protocol=6 | dir=in | app=c:\program files\playonline\squareenix\playonlineviewer\pol.exe |
"TCP Query User{F1C6462E-9981-40B0-819B-052CDFFB4E6C}C:\program files\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{03008CFF-0DE1-47B5-B771-D87428127545}C:\program files\mytunesrss\data\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\mytunesrss\data\jre\bin\javaw.exe |
"UDP Query User{30CF7832-6C8A-4C2B-AE51-C8D25830F9B7}C:\program files\rhapsody\rhapsody.exe" = protocol=17 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"UDP Query User{583E2846-5CAB-48B6-A50C-31E2CB3C1749}C:\program files\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"UDP Query User{635C4581-1C12-4599-8BC4-1A4878CFFE64}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe |
"UDP Query User{693D3A7C-6ED4-40CB-B293-8199BF62DD7A}C:\program files\atari-infogrames\monopoly tycoon\mc.exe" = protocol=17 | dir=in | app=c:\program files\atari-infogrames\monopoly tycoon\mc.exe |
"UDP Query User{6E9A256C-7F7D-4938-8279-35381FA1613F}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{7ED469D6-3C35-4FB6-BA12-F890F326415E}C:\program files\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{8986C44A-E3CD-4B8E-9749-A7367513D942}C:\program files\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{E09D389C-903B-4681-853B-B0148547F728}C:\program files\playonline\squareenix\playonlineviewer\pol.exe" = protocol=17 | dir=in | app=c:\program files\playonline\squareenix\playonlineviewer\pol.exe |
"UDP Query User{E7983AEC-FF55-494D-8ED6-31BD2A3B35D0}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{019F4D2E-1FAC-4EC0-8C80-21AABACAC73F}_is1" = PrestoKeys version 0.43
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{0FB242C4-0C1A-4AB9-B470-027A4337DFCD}" = Academagia
"{11AE6807-50D2-4F59-82B3-2C3E695E94C2}" = NVIDIA PhysX v8.05.26
"{12093705-CD84-20BF-F9A6-10AE07111754}" = Daily Language Review, 2 Trial
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1E8EB086-AE5F-45F6-887C-E5178868290F}" = Living Cookbook 2011
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20556CF2-5506-4965-A0C2-A70B66FB01B1}_is1" = Hello Kitty Online POD Installer
"{23157413-FB7F-404D-B558-F33B9827F579}" = Minimem
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29899C36-173D-4E3B-9B82-64A0D4E15962}" = World of Warcraft Model Viewer 32-bit
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{361AA6F2-124E-4E98-9402-83B1445B8448}" = GameSpy Comrade
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{5D5637DD-DCBC-4DA7-A505-14528039F5DF}" = Rocket Piano Bonus Software
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7350328A-8CAF-4E1F-00A0-CC6262B6CF75}" = Fairy Godmother Tycoon
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{79E914E8-0264-37B4-825D-FC79A793BAEE}" = ATI Catalyst Install Manager
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7B2A623E-AF79-4C51-9843-62C0C5D45F74}_is1" = Shop'NCook Menu version 4.0.14
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D62ABA3-35EC-623E-2C5F-1B3332CB705B}" = Media Go Video Playback Engine 1.64.102.02270
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = The Sims Medieval
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87A3CC29-191B-AB49-07F1-8364D358138E}" = Write or Die Desktop Edition
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001C-0409-0000-0000000FF1CE}" = Microsoft Office Access Runtime (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-001C-0409-0000-0000000FF1CE}" = Microsoft Office Access Runtime MUI (English) 2010
"{90140000-001C-0409-0000-0000000FF1CE}_Office14.AccessRT_{FF0EF2BE-3400-4E0C-BE30-6D04441CE0ED}" = Microsoft Access 2010 Runtime Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.AccessRT_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.AccessRT_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{975C3A93-2491-3D44-A071-F6CBF153E46D}" = Google Talk Plugin
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF5EE349-90CD-4422-A43B-661778180173}" = USB Disk Win98 Driver
"{C5828861-B97B-4037-995C-C65E9CC13A3B}" = Sound Blaster Audigy
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{C9C641B6-DB5C-4C84-B6C9-9540388DA0DA}" = WebMeeting Plug-in
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD095458-EFF3-46CB-8BE4-DC1675FB8B49}" = Relentless Software Prerequisites
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D647F06F-2908-487E-9CDA-DE52148CBF49}" = OverDrive Media Console
"{DA0A12C2-D7F5-41AE-8D61-8CF29D6F2116}" = Math Resource Studio
"{DD1E51DF-C3C0-400C-A0D7-C67DB49C9D9C}" = RingtoneJunkiez Desktop
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F1568757-E564-4cb5-8980-9333119A4384}" = F300
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio Control Panel
"BFG-Burger Island 2 - The Missing Ingredients" = Burger Island 2: The Missing Ingredients
"BFGC" = Big Fish Games: Game Manager
"BFG-Grave Mania - Undead Fever" = Grave Mania: Undead Fever
"BFG-Hells Kitchen" = [bleep]'s Kitchen
"BFG-Kingdom Chronicles Collector's Edition" = Kingdom Chronicles Collector's Edition
"BFG-Kitchen Brigade" = Kitchen Brigade
"BFG-Life Quest" = Life Quest ™
"BFG-Life Quest 2 - Metropoville" = Life Quest&reg; 2: Metropoville
"BFG-Magic Farm 2" = Magic Farm 2
"BFG-My Life Story - Adventures" = My Life Story: Adventures
"BFG-Potion Bar" = Potion Bar
"BFG-Puzzle Quest 2" = Puzzle Quest 2
"BFG-Spooky Mall" = Spooky Mall
"BFG-Top Chef" = Top Chef
"BFG-Trade Mania" = Trade Mania
"BFG-Weather Lord" = Weather Lord
"BFG-Yummy Drink Factory" = Yummy Drink Factory
"Cake Mania 3" = Cake Mania 3 (remove only)
"com.drwicked.writeordie.WriteorDieDesktop.6612D25620E961818EB6367A60EAB552BE4CD874.1" = Write or Die Desktop Edition
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Creative Sound Blaster Properties
"DailyLanguageReview2.7A6C9FC75A74FD42A1B64635F2403F839033BABE.1" = Daily Language Review, 2 Trial
"Dolce Music Flash Cards_is1" = Dolce Music Flash Cards v3.5
"DriverAgent.exe" = DriverAgent by eSupport.com
"EADM" = EA Download Manager
"ESET Online Scanner" = ESET Online Scanner v3
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Eusing Free Registry Defrag" = Eusing Free Registry Defrag
"Game Console - WildGames" = WildTangent ORB Game Console
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"Kudos 2_is1" = Kudos 2
"Let's Clean Up! Plus" = Let's Clean Up! Plus
"LifeJournal2" = LifeJournal2
"Living Cookbook 2011" = Living Cookbook 2011
"Magic Life_is1" = Magic Life 1.004
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Thunderbird (7.0.1)" = Mozilla Thunderbird (7.0.1)
"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.5.3
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Office14.AccessRT" = Microsoft Access Runtime 2010
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"Quarter Mile Math Levels 1-3 Deluxe" = Quarter Mile Math Levels 1-3 Deluxe
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"RealPlayer 15.0" = RealPlayer
"RealPlayer 6.0" = RealPlayer
"Runic Games Torchlight" = Torchlight
"SpaceMonger" = SpaceMonger 2.1.1
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 70400" = Recettear: An Item Shop's Tale
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"Unlocker" = Unlocker 1.9.0
"Video Voice" = Video Voice 3.0
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Warcraft III" = Warcraft III
"WaveStudio 7" = Creative WaveStudio 7
"WebMeeting Plug-in" = WebMeeting Plug-in
"WildTangent wildgames Master Uninstall" = WildTangent Games
"World of Warcraft" = World of Warcraft

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Google Chrome" = Google Chrome
"MMOUI Minion Installer" = MMOUI Minion Installer
"MusicManager" = Music Manager
"ProfitUI Reborn Updater" = ProfitUI Reborn Updater
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/5/2011 2:09:18 PM | Computer Name = fred-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/5/2011 4:43:22 PM | Computer Name = fred-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/5/2011 4:48:33 PM | Computer Name = fred-PC | Source = IMFservice | ID = 0
Description =

Error - 7/5/2011 4:48:33 PM | Computer Name = fred-PC | Source = IMFservice | ID = 0
Description =

Error - 7/5/2011 4:51:27 PM | Computer Name = fred-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/5/2011 4:57:07 PM | Computer Name = fred-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/5/2011 4:59:25 PM | Computer Name = fred-PC | Source = EventSystem | ID = 4609
Description =

Error - 7/5/2011 5:00:32 PM | Computer Name = fred-PC | Source = IMFservice | ID = 0
Description =

Error - 7/5/2011 5:03:02 PM | Computer Name = fred-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/5/2011 5:17:26 PM | Computer Name = fred-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 7/5/2011 5:29:25 PM | Computer Name = fred-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 7/9/2011 6:34:56 PM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/9/2011 6:35:00 PM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/10/2011 2:59:08 AM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/10/2011 2:59:13 AM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/10/2011 11:54:28 AM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/10/2011 11:54:32 AM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/10/2011 4:40:33 PM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/10/2011 4:40:37 PM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/10/2011 11:30:22 PM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/10/2011 11:30:26 PM | Computer Name = fred-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!


< End of report >
  • 0

#12
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 03/07/2012 1:35:00 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 03/07/2012 6:10:48 PM
Type: Error Category: 0
Event: 46 Source: volmgr
Crash dump initialization failed!

Log: 'System' Date/Time: 03/07/2012 6:10:53 PM
Type: Error Category: 0
Event: 46 Source: volmgr
Crash dump initialization failed!

Log: 'System' Date/Time: 03/07/2012 6:11:00 PM
Type: Error Category: 0
Event: 15016 Source: Microsoft-Windows-HttpEvent
Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.

Log: 'System' Date/Time: 03/07/2012 6:12:44 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AMPingService service failed to start due to the following error: The system cannot find the path specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 03/07/2012 6:10:13 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 03/07/2012 6:11:07 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share Turbine Download Manager because the directory C:\Program Files\Turbine\Turbine Download Manager no longer exists. Please run "net share Turbine Download Manager /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\Turbine Download Manager.

Log: 'System' Date/Time: 03/07/2012 6:11:07 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share raw because the directory C:\Program Files\Turbine\The Lord of the Rings Online\raw no longer exists. Please run "net share raw /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\The Lord of the Rings Online\raw.

Log: 'System' Date/Time: 03/07/2012 6:11:07 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share en2 because the directory C:\Program Files\Turbine\The Lord of the Rings Online\raw\en no longer exists. Please run "net share en2 /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\The Lord of the Rings Online\raw\en.

Log: 'System' Date/Time: 03/07/2012 6:11:07 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share Licenses because the directory C:\Program Files\Turbine\The Lord of the Rings Online\en\Licenses no longer exists. Please run "net share Licenses /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\The Lord of the Rings Online\en\Licenses.

Log: 'System' Date/Time: 03/07/2012 6:11:08 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share chrome because the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\chrome no longer exists. Please run "net share chrome /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\chrome.

Log: 'System' Date/Time: 03/07/2012 6:11:08 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share components because the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\components no longer exists. Please run "net share components /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\components.

Log: 'System' Date/Time: 03/07/2012 6:11:08 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share plugins because the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\plugins no longer exists. Please run "net share plugins /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\plugins.

Log: 'System' Date/Time: 03/07/2012 6:11:08 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share dtd because the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\res\dtd no longer exists. Please run "net share dtd /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\res\dtd.

Log: 'System' Date/Time: 03/07/2012 6:11:08 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share entityTables because the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\res\entityTables no longer exists. Please run "net share entityTables /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\res\entityTables.

Log: 'System' Date/Time: 03/07/2012 6:11:08 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share fonts because the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\res\fonts no longer exists. Please run "net share fonts /delete" to delete the share, or recreate the directory C:\Program Files\Turbine\The Lord of the Rings Online\browser\res\fonts.
  • 0

#13
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 03/07/2012 1:37:23 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 03/07/2012 6:12:43 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 03/07/2012 6:10:03 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-1286577877-1167854462-976776892-1000:
Process 1260 (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-1286577877-1167854462-976776892-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Process 1260 (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-1286577877-1167854462-976776892-1000\Software\Policies
Process 1260 (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-1286577877-1167854462-976776892-1000\Software\Policies
Process 1260 (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-1286577877-1167854462-976776892-1000\Software
Process 1260 (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-1286577877-1167854462-976776892-1000\Software


Log: 'Application' Date/Time: 03/07/2012 6:10:04 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1286577877-1167854462-976776892-1000_Classes:
Process 1260 (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-1286577877-1167854462-976776892-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
When you finish with the other stuff:

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 30
Java™ 6 Update 5

Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.


Uninstall

Vuze Remote Toolbar
Malwarebytes Anti-Malware (so it won't interfere)

Copy the text in the code box by highlighting and Ctrl + c

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found
MsConfig - StartUpFolder: C:^Users^fred^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip - Reg Error: Value error. - File not found
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
[2009/06/09 16:02:28 | 000,000,000 | -H-- | C] () -- C:\ProgramData\pjwllw

:files
sc config osppsvc start= disabled /c
sc config AMPingService start= disabled /c
sc config SmartDefragDriver start= disabled /c
net share Turbine Download Manager /delete /c
net share raw /delete /c
net share en2 /delete /c
net share Licenses /delete /c
net share chrome /delete /c
net share components /delete /c
net share plugins /delete /c
net share dtd /delete /c
net share entityTables /delete /c
net share fonts /delete /c
net start /c

:reg
[-HKEY_CURRENT_USER\SOFTWARE\Classes\.bat]
[-HKEY_CURRENT_USER\SOFTWARE\Classes\.html]
     
:Commands
[EMPTYTEMP]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Please save the log and copy and paste it into a reply.
  • 0

#15
Tigersmoondiva

Tigersmoondiva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
07/03/2012 13:57
Scan of all local drives

File C:\Users\fred\AppData\Roaming\Thunderbird\Profiles\2z6iqck3.default\ImapMail\mail.cableone.net\INBOX.sbd\Spam|>Resume.html#1539132677 is infected by JS:ScriptPE-inf [Trj], Moved to chest
File C:\Users\fred\Desktop\rocketpiano\book 1.zip|>track68.mp3 Error 42125 {ZIP archive is corrupted.}
Number of searched folders: 29700
Number of tested files: 666880
Number of infected files: 1
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP