Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

0i763f66bz problem [Solved]


  • This topic is locked This topic is locked

#1
finn the human

finn the human

    New Member

  • Member
  • Pip
  • 8 posts
I have problem with starting my McAfee Internet Security 2011 after I allowed 0i763f66bz.exe to run. At first I deny it many times but it kept asking me for permission. I uninstalled the McAfee and try to install Kaspersky Internet Security but the setup end with an error. I also run Kaspersky Virus Removal Tool in safe mode but still no solution. I have run Malwarebytes but no threat detected. I found 0i763f66bz.exe in C:\Users\Lelouch and try to delete it but can't. Can somebody help me with this problem?

OTL logfile created on: 7/11/2012 10:35:10 AM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Lelouch\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

3.91 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 34.82% Memory free
7.82 Gb Paging File | 5.26 Gb Available in Paging File | 67.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 45.48 Gb Free Space | 10.08% Space Free | Partition Type: NTFS

Computer Name: LELOUCH-PC | User Name: Lelouch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/11 10:20:05 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Lelouch\Desktop\OTL.exe
PRC - [2012/06/19 10:17:38 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/29 10:08:38 | 000,066,872 | ---- | M] () -- C:\WINDOWS\SysWOW64\PnkBstrA.exe
PRC - [2011/10/15 16:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/07/25 12:40:56 | 004,766,000 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Lelouch\Desktop\Application\procexp.exe
PRC - [2010/11/18 01:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/06 12:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/06 12:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/04 01:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/11/04 00:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/04 00:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010/11/02 11:40:30 | 002,006,664 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2010/11/02 11:40:30 | 000,093,832 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2010/11/02 11:40:28 | 002,428,552 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2010/10/06 10:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 10:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/08/21 07:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/08/20 10:55:14 | 000,320,888 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe
PRC - [2010/08/20 07:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/08/12 07:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2010/03/12 15:43:38 | 000,241,808 | ---- | M] (Paltiosoft Inc.) -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
PRC - [2010/01/12 02:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2003/02/18 13:19:14 | 000,294,400 | ---- | M] (Shatran Software) -- C:\Program Files (x86)\Quick ShutDown\qsd.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/19 10:17:38 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/05/18 10:10:03 | 008,797,856 | ---- | M] () -- C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/03/31 07:14:34 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\251ae14b51abbfbc5d5a3d418526d7ac\IAStorUtil.ni.dll
MOD - [2012/03/31 06:23:56 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4285494d2a70dde955020e91b104e525\System.Runtime.Remoting.ni.dll
MOD - [2012/03/31 06:23:29 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\499d73aafa1d12f66c8e265cb00ae596\System.Windows.Forms.ni.dll
MOD - [2012/03/31 06:23:22 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\92ff0a8c79973fbb85c8c7622d293f69\System.Drawing.ni.dll
MOD - [2012/03/31 06:23:10 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\7c538356f30fb0301a6cbe473c6762b4\WindowsBase.ni.dll
MOD - [2012/03/31 06:23:04 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\8478d93bcac19dc38fbb88d5c7c2a705\System.Xml.ni.dll
MOD - [2012/03/31 06:23:01 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2622a07a9014f6ab8c1335c1f5cddfe2\System.Configuration.ni.dll
MOD - [2012/03/31 06:23:00 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\04d66ef176cc7db8a44aaa7a86c188c6\System.ni.dll
MOD - [2011/10/30 06:31:47 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\7d5d2d3b4bc35f65178021474ff3d1fc\IAStorCommon.ni.dll
MOD - [2011/10/29 14:59:08 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1ec9ca97505278a1f18ce928f0ab6d7f\mscorlib.ni.dll
MOD - [2011/10/15 00:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010/11/30 10:04:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010/11/02 11:40:34 | 000,087,176 | ---- | M] () -- C:\WINDOWS\SysWOW64\FAIEExtension.dll
MOD - [2010/11/02 11:40:30 | 000,057,480 | ---- | M] () -- C:\WINDOWS\SysWOW64\FAib.dll
MOD - [2010/11/02 11:40:24 | 000,248,968 | ---- | M] () -- C:\WINDOWS\SysWOW64\FACrashRpt.dll
MOD - [2010/08/12 07:19:34 | 000,077,024 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2010/08/12 07:19:32 | 000,109,792 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2010/08/12 07:19:32 | 000,072,928 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2010/08/12 07:19:30 | 000,232,672 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2010/08/12 07:19:30 | 000,126,176 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2010/08/12 07:19:30 | 000,119,008 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2010/08/12 07:19:26 | 001,121,504 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2010/08/12 07:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2009/05/05 19:10:56 | 000,327,168 | ---- | M] () -- C:\Program Files (x86)\WideCap\widecapdrv.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McMPFSvc)
SRV:64bit: - [2012/07/11 06:46:32 | 000,073,688 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysNative\drivers\f76e332751cf096b.sys -- (f76e332751cf096b)
SRV:64bit: - [2011/12/14 12:46:50 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/08/13 18:09:32 | 001,844,224 | ---- | M] (Proxy Labs) [Disabled | Stopped] -- C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe -- (pcapsvc)
SRV:64bit: - [2011/01/21 19:47:52 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/12/18 03:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2010/12/18 03:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/12/18 03:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2010/11/30 04:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/09/23 07:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/12 02:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/06/19 10:17:38 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/14 12:47:00 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/12/14 12:46:50 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/10/29 10:08:38 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/15 16:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/11/25 18:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 18:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/11/06 12:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/11/04 01:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/04 00:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/02 11:40:28 | 002,428,552 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2010/10/06 10:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/10/06 10:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/08/26 09:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/08/21 07:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/08/20 10:55:14 | 000,320,888 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -- (BFBackupUtilityService)
SRV - [2010/04/28 12:17:02 | 000,359,288 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -- (BFBackupUtilityVSSService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/12 15:43:38 | 000,241,808 | ---- | M] (Paltiosoft Inc.) [Auto | Running] -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe -- (UCManSvc)
SRV - [2009/07/13 01:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\WINDOWS\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/11 06:46:32 | 000,073,688 | ---- | M] () [Unknown (-1) | Unknown (-1) | Unknown] -- C:\Windows\SysNative\drivers\f76e332751cf096b.sys -- (f76e332751cf096b)
DRV:64bit: - [2012/04/03 14:56:21 | 000,283,200 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/04/03 14:47:11 | 000,564,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/10/15 16:53:00 | 000,249,152 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2011/10/15 16:53:00 | 000,028,992 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/03 15:20:38 | 000,027,848 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vproiah.sys -- (vproiah)
DRV:64bit: - [2011/07/13 14:22:00 | 000,072,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\bftpdskc64.sys -- (bftpdskc64)
DRV:64bit: - [2011/07/08 07:21:28 | 000,174,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/07/06 23:14:42 | 000,145,008 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/07/01 17:46:40 | 000,031,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/01/21 19:47:52 | 000,520,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/16 00:21:04 | 000,036,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VClone.sys -- (VClone)
DRV:64bit: - [2011/01/08 09:42:34 | 012,262,688 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/12/21 22:08:48 | 008,505,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETwNs64.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2010/12/11 05:50:36 | 000,181,248 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/11 05:50:36 | 000,080,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/04 06:32:24 | 000,316,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/12/01 18:02:22 | 000,042,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/30 04:00:04 | 000,016,120 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/23 00:41:08 | 000,167,920 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\c2scsi64.sys -- (c2scsi64)
DRV:64bit: - [2010/11/06 12:45:48 | 000,438,808 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/04 18:07:06 | 000,058,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/11/04 16:31:44 | 000,059,904 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010/10/30 08:11:42 | 000,250,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/27 03:08:08 | 000,406,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/10/21 15:47:12 | 000,020,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bftpusbx64.sys -- (bftpusbx64)
DRV:64bit: - [2010/10/20 07:12:58 | 000,274,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/09/21 22:59:38 | 000,056,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/08/12 23:51:30 | 000,175,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/07/31 07:36:38 | 000,025,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- c:\program files\dell support center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2010/07/02 01:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/05/12 16:37:32 | 000,107,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/05/12 16:37:32 | 000,027,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/03/19 16:00:00 | 000,055,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/10 10:30:00 | 000,047,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\BFRD4G.sys -- (BFRD4G)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:47:48 | 000,077,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 09:47:48 | 000,023,104 | ---- | M] () [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 01:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:64bit: - [2009/06/11 04:35:33 | 000,389,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/09/25 09:36:14 | 000,238,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\facap.sys -- (FACAP)
DRV:64bit: - [2006/11/02 01:51:00 | 000,151,656 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wimfltr.sys -- (WimFltr)
DRV - [2012/04/15 06:57:30 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Stopped] -- C:\WINDOWS\SysWOW64\STEC3.sys -- (STEC3)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://inm.startya.c...=575&country=MY
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www1.ap.dell....c=my&l=en&s=gen
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\..\SearchScopes\{32F9BA74-B3CA-4441-9A16-E7E7C6EC4183}: "URL" = http://malaysia.sear...p={searchTerms}
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\..\SearchScopes\{A89CA510-D2CE-B184-4A81-8F61AD65D953}: "URL" = http://inm.startya.c...o&cfg=2-575-0-0
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://www.google.co...-8&oe=utf-8&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@iahgames.com/prodown: C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll (RSJ Software GmbH)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rsj.de/prodown: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lelouch\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lelouch\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Lelouch\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/03/30 17:08:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 10:17:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/17 23:10:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Lelouch\AppData\Roaming\IDM\idmmzcc5 [2011/11/27 07:04:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 10:17:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/17 23:10:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Lelouch\AppData\Roaming\IDM\idmmzcc5 [2011/11/27 07:04:03 | 000,000,000 | ---D | M]

[2011/06/26 09:48:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Extensions
[2012/07/04 18:44:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\extensions
[2011/11/27 10:08:46 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2012/07/11 06:50:46 | 000,001,398 | ---- | M] () -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\searchplugins\sankaku-channel.xml
[2011/06/26 11:22:52 | 000,001,056 | ---- | M] () -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\searchplugins\yahoo-zugo.xml
[2012/03/19 20:55:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/29 00:16:31 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/07/17 22:47:13 | 000,097,169 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
[2012/05/27 20:21:56 | 000,258,567 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2012/03/23 23:38:44 | 000,049,303 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{4C7097F7-08F2-4EF2-9B9F-F95FA4CBB064}.XPI
[2011/07/03 15:41:22 | 000,059,893 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{792BDDFE-2E7C-42ED-B18D-18154D2761BD}.XPI
[2012/07/04 18:44:26 | 000,743,290 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/02/14 18:13:26 | 000,105,380 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\[email protected]
[2011/06/26 10:21:26 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\[email protected]
[2012/06/19 10:17:38 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/02/20 11:02:34 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/07/12 05:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/06/19 10:17:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/19 10:17:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: IAHGames (Enabled) = C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Lelouch\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Mr. Bounce = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfdmocmkakkkbgcoifcenchgkokpecl\1.0.52_0\
CHR - Extension: Marvel Comics = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice\1.0.0.0_0\
CHR - Extension: Troll Emoticons = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik\4.6.7_0\
CHR - Extension: Curling = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0\
CHR - Extension: Robot Theme, inspired by Android\u2122 = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeljdmeofcikjblcoehpmdnooimalbmj\0.2.2_0\

O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (AddTask Class) - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\eREAD6.0\eREAD6.0\WebHook.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Lelouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Quick ShutDown.lnk = C:\Program Files (x86)\Quick ShutDown\qsd.exe (Shatran Software)
O4 - Startup: C:\Users\Lelouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk = C:\Users\Lelouch\AppData\Local\Temp\_uninst_.bat ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\pcapwsp.dll (Proxy Labs)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - ppcapwsp.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000011 [] - C:\Windows\SysWow64\pcapwsp.dll (Proxy Labs)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - pcapwsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - pcapwsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - pcapwsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - pcapwsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - pcapwsp.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4671B274-FAEB-4888-BE49-59D743A69CD7}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\creator12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\discimageloader12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nobuclient.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pcapui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\prodreg.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\retrieve12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\roxiocentralfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\creator12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\discimageloader12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nobuclient.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pcapui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\prodreg.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\retrieve12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\roxiocentralfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\Shell\AutoRun\command - "" = G:\Install.exe
O33 - MountPoints2\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6c6fcf20-d619-11e0-b690-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{6c6fcf20-d619-11e0-b690-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a4421972-aee2-11e0-a186-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{a4421972-aee2-11e0-a186-bc77372f502f}\Shell\AutoRun\command - "" = H:\Windows\CHECK\DriveNavigator.exe
O33 - MountPoints2\{d4fd73f5-d565-11e0-817b-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{d4fd73f5-d565-11e0-817b-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d4fd7404-d565-11e0-817b-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{d4fd7404-d565-11e0-817b-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/11 10:19:58 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Lelouch\Desktop\OTL.exe
[2012/07/11 10:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/11 10:09:47 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/11 10:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/11 10:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/11 09:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/06/29 21:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ノ「サェタヨ(Sankarea) WINDOWS 7 THEME
[2012/06/24 19:49:04 | 000,000,000 | ---D | C] -- C:\TEATIME
[2012/06/24 08:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2012/06/24 08:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/11 10:20:05 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Lelouch\Desktop\OTL.exe
[2012/07/11 10:09:48 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/11 09:54:43 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/11 09:54:43 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/11 09:50:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3405665497-2748038552-3055002692-1001UA.job
[2012/07/11 09:47:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/11 09:47:13 | 3148,218,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/11 09:37:12 | 000,000,936 | ---- | M] () -- C:\Users\Lelouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk
[2012/07/11 09:29:01 | 000,727,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/11 09:29:01 | 000,616,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/11 09:29:01 | 000,106,376 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/11 09:04:12 | 142,544,568 | ---- | M] () -- C:\Users\Lelouch\Desktop\setup_11.0.0.1245.x01_2012_07_11_02_52.exe
[2012/07/11 06:46:32 | 000,073,688 | ---- | M] () -- C:\Windows\SysNative\drivers\f76e332751cf096b.sys
[2012/07/11 00:09:48 | 000,038,400 | ---- | M] () -- C:\Users\Lelouch\0i763f66bz.exe
[2012/07/10 00:25:58 | 000,053,380 | ---- | M] () -- C:\Users\Lelouch\Desktop\619s3vspzp.jpg
[2012/07/07 17:48:54 | 013,199,462 | ---- | M] () -- C:\Users\Lelouch\Documents\Katawa_Shoujo_Midwinter_EN.pdf
[2012/07/05 06:02:34 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3405665497-2748038552-3055002692-1001Core.job
[2012/06/16 14:45:22 | 000,002,863 | ---- | M] () -- C:\Users\Lelouch\AppData\Local\recently-used.xbel
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/11 10:09:48 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/11 09:37:12 | 000,000,936 | ---- | C] () -- C:\Users\Lelouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk
[2012/07/11 09:21:11 | 142,544,568 | ---- | C] () -- C:\Users\Lelouch\Desktop\setup_11.0.0.1245.x01_2012_07_11_02_52.exe
[2012/07/11 06:46:32 | 000,073,688 | ---- | C] () -- C:\Windows\SysNative\drivers\f76e332751cf096b.sys
[2012/07/11 00:09:48 | 000,038,400 | ---- | C] () -- C:\Users\Lelouch\0i763f66bz.exe
[2012/07/10 00:38:35 | 000,053,380 | ---- | C] () -- C:\Users\Lelouch\Desktop\619s3vspzp.jpg
[2012/07/07 17:48:54 | 013,199,462 | ---- | C] () -- C:\Users\Lelouch\Documents\Katawa_Shoujo_Midwinter_EN.pdf
[2012/06/16 14:45:22 | 000,002,863 | ---- | C] () -- C:\Users\Lelouch\AppData\Local\recently-used.xbel
[2012/03/31 08:41:35 | 000,217,200 | ---- | C] () -- C:\ProgramData\Zl0Mt82b.exe
[2012/03/31 08:41:29 | 000,455,592 | ---- | C] () -- C:\ProgramData\aueif3S8.exe
[2012/03/31 08:41:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\9I2UgDED.exe
[2012/03/31 08:41:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\13V8G8i4.exe
[2012/02/17 19:36:25 | 000,657,213 | ---- | C] () -- C:\Windows\Condition Zero Uninstaller.exe
[2012/02/12 00:08:47 | 000,000,044 | ---- | C] () -- C:\Users\Lelouch\.gtk-bookmarks
[2012/01/26 17:44:05 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2012/01/26 17:44:05 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2012/01/26 17:44:05 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2012/01/26 17:44:05 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2012/01/26 17:44:05 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2012/01/26 17:44:05 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2012/01/26 17:44:05 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2012/01/26 17:44:05 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2012/01/26 17:44:05 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2012/01/26 17:44:05 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2012/01/26 17:44:05 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2012/01/26 17:44:05 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2012/01/26 17:44:05 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2012/01/26 17:44:05 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2012/01/26 17:44:05 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2012/01/26 17:44:05 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2012/01/26 17:44:05 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2012/01/26 17:44:05 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2012/01/26 17:44:05 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/12/03 17:46:43 | 000,022,566 | ---- | C] () -- C:\Windows\UN091222.INI
[2011/12/03 17:46:39 | 000,014,252 | ---- | C] () -- C:\Windows\UN091114.INI
[2011/12/03 17:46:33 | 000,035,896 | ---- | C] () -- C:\Windows\UN091111.INI
[2011/12/03 17:46:30 | 000,013,773 | ---- | C] () -- C:\Windows\UN091201.INI
[2011/10/29 10:08:39 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/29 10:08:38 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/10/29 10:08:38 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/10/08 00:01:47 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/10/08 00:01:44 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/10/08 00:01:38 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/10/08 00:01:37 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/09/16 23:25:11 | 000,010,752 | ---- | C] () -- C:\Users\Lelouch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/25 23:19:23 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI
[2011/08/25 12:23:06 | 000,072,621 | ---- | C] () -- C:\Windows\rodflashvideoss_uninst.exe
[2011/08/15 15:41:04 | 000,000,000 | ---- | C] () -- C:\Users\Lelouch\AppData\Local\rx_image32.Cache
[2011/08/13 18:08:50 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll
[2011/07/14 23:14:38 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/07/14 23:14:38 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/06/26 04:53:06 | 000,735,230 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/30 19:21:27 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/03/30 19:21:27 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/03/30 19:21:26 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/03/30 19:20:53 | 000,000,096 | ---- | C] () -- C:\Windows\LaunApp.ini
[2011/03/30 19:20:50 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2011/03/30 19:20:50 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2011/03/30 19:20:50 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2011/03/30 19:20:50 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2011/03/30 19:20:50 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2011/03/30 19:20:50 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2011/03/30 16:56:38 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
[2011/03/30 16:50:22 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/02/12 05:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/12/10 08:33:11 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010/11/02 11:40:34 | 000,087,176 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2010/11/02 11:40:30 | 000,057,480 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2010/11/02 11:40:24 | 000,248,968 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

========== LOP Check ==========

[2011/08/02 05:36:17 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Azureus
[2011/10/12 17:54:08 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Bitdreamers
[2011/12/03 17:47:30 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\BUFFALO
[2011/10/13 13:24:43 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\COWON
[2012/07/04 16:30:39 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\DAEMON Tools Lite
[2012/07/11 00:15:34 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\DMCache
[2012/03/08 12:35:17 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Ethereal
[2011/06/29 10:15:48 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Fingertapps
[2012/07/11 09:04:58 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\foobar2000
[2012/05/05 10:40:33 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\gtk-2.0
[2012/04/07 12:46:45 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\IDM
[2011/07/18 21:14:13 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\IDT
[2011/07/29 10:20:34 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\KaiunOmikuji
[2011/07/29 10:20:49 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\KaraageTimer
[2011/08/03 08:40:41 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\KtaiGadget
[2011/06/26 04:52:16 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Leadertech
[2011/10/07 22:15:09 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Mal Updater
[2011/09/02 22:12:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Maxis Broadband
[2012/02/08 14:35:35 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\MFTG
[2012/06/29 22:32:01 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Mp3tag
[2012/03/08 13:22:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\NetMeter
[2012/06/03 18:01:35 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Nitroplus
[2011/08/02 18:56:01 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\NoKagakuSokuteiki
[2011/07/01 17:02:59 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Opera
[2012/03/29 07:06:10 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\PACE Anti-Piracy
[2011/08/29 00:16:29 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\QuickStoresToolbar
[2012/07/11 09:19:04 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Rainmeter
[2012/01/15 06:34:25 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\RenPy
[2011/07/28 11:05:45 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\savedata
[2012/07/08 00:51:01 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\SoftGrid Client
[2011/12/26 18:46:16 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Sync App Settings
[2011/12/25 08:42:15 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\SystemRequirementsLab
[2011/06/29 12:39:45 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Teeworlds
[2011/10/11 07:33:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\TimeComX
[2011/06/26 04:53:30 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\TP
[2012/01/25 23:53:30 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\TuneUp Software
[2012/03/29 07:06:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Unity
[2012/07/11 09:18:56 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\uTorrent
[2012/06/01 19:03:00 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/01/20 15:00:10 | 000,000,000 | ---- | M] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&
[2012/01/20 15:00:10 | 000,000,000 | ---- | C] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&

< End of report >
  • 0

Advertisements


#2
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Hi, finn the human! Posted ImageMy nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.


Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.



Step 1.


If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Posted Image




  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    SRV:64bit: - [2012/07/11 06:46:32 | 000,073,688 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysNative\drivers\f76e332751cf096b.sys -- (f76e332751cf096b)
    DRV:64bit: - [2012/07/11 06:46:32 | 000,073,688 | ---- | M] () [Unknown (-1) | Unknown (-1) | Unknown] -- C:\Windows\SysNative\drivers\f76e332751cf096b.sys -- (f76e332751cf096b)
    [2011/06/26 11:22:52 | 000,001,056 | ---- | M] () -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\searchplugins\yahoo-zugo.xml
    O4 - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
    O27:64bit: - HKLM IFEO\creator12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27:64bit: - HKLM IFEO\discimageloader12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27:64bit: - HKLM IFEO\nobuclient.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27:64bit: - HKLM IFEO\pcapui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27:64bit: - HKLM IFEO\prodreg.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27:64bit: - HKLM IFEO\retrieve12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27:64bit: - HKLM IFEO\roxiocentralfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27 - HKLM IFEO\creator12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27 - HKLM IFEO\discimageloader12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27 - HKLM IFEO\nobuclient.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27 - HKLM IFEO\pcapui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27 - HKLM IFEO\prodreg.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27 - HKLM IFEO\retrieve12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O27 - HKLM IFEO\roxiocentralfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
    O33 - MountPoints2\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\Shell - "" = AutoRun
    O33 - MountPoints2\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\Shell\AutoRun\command - "" = G:\Install.exe
    O33 - MountPoints2\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\Shell - "" = AutoRun
    O33 - MountPoints2\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{6c6fcf20-d619-11e0-b690-bc77372f502f}\Shell - "" = AutoRun
    O33 - MountPoints2\{6c6fcf20-d619-11e0-b690-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{a4421972-aee2-11e0-a186-bc77372f502f}\Shell - "" = AutoRun
    O33 - MountPoints2\{a4421972-aee2-11e0-a186-bc77372f502f}\Shell\AutoRun\command - "" = H:\Windows\CHECK\DriveNavigator.exe
    O33 - MountPoints2\{d4fd73f5-d565-11e0-817b-bc77372f502f}\Shell - "" = AutoRun
    O33 - MountPoints2\{d4fd73f5-d565-11e0-817b-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{d4fd7404-d565-11e0-817b-bc77372f502f}\Shell - "" = AutoRun
    O33 - MountPoints2\{d4fd7404-d565-11e0-817b-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    [2012/07/11 06:46:32 | 000,073,688 | ---- | C] () -- C:\Windows\SysNative\drivers\f76e332751cf096b.sys
    [2012/07/11 00:09:48 | 000,038,400 | ---- | C] () -- C:\Users\Lelouch\0i763f66bz.exe
    [2012/03/31 08:41:35 | 000,217,200 | ---- | C] () -- C:\ProgramData\Zl0Mt82b.exe
    [2012/03/31 08:41:29 | 000,455,592 | ---- | C] () -- C:\ProgramData\aueif3S8.exe
    [2012/03/31 08:41:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\9I2UgDED.exe
    [2012/03/31 08:41:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\13V8G8i4.exe
    
    
    :files
    ipconfig /flushdns /c
    
    
    
    :reg
    
    
    :Commands
    [purity]
    [resethosts]
    [emptyjava]
    [emptyflash]
    [createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 2.

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
  • Note: If RogueKiller will not run please try it several times, if it still does not run rename it winlogon.com and try it several times.
Posted Image
  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
Posted Image
  • The report has been created on the desktop.

  • Next click on ShortcutsFix

    Posted Image
  • The report has been created on the desktop.

Please post:

All RKreport.txt text files located on your desktop.


Step 3.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

If it does not run rename it iexplore.exe and try it again.


Step 4.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under Extra Registry select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 5.

Please post:

OTL fix log
All RKreport.txt logs
aswMBR log
OTL.txt
Extras.txt


Give me an update on your computer's issues.

Also do you recognize these files:

[2012/01/20 15:00:10 | 000,000,000 | ---- | M] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&
[2012/01/20 15:00:10 | 000,000,000 | ---- | C] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&
  • 0

#3
finn the human

finn the human

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi CompCav. Thanks for the reply. I think maybe the problem is fixed but I don't sure because I fixed myself. The only problem I facing right now is when try to restore to a saved point using system restore, an message saying 0x80070057 error will pop up. The program will restore to the saved point and I can't see any problem. So, should I carry out your instructions?

Also I think these
[2012/01/20 15:00:10 | 000,000,000 | ---- | M] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&
[2012/01/20 15:00:10 | 000,000,000 | ---- | C] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&
maybe be cause by some of my Japanese program that I had installed.

Maybe also this may help you, my current OTL log for quick run.

OTL logfile created on: 7/12/2012 10:10:39 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Lelouch\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

3.91 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 46.08% Memory free
7.82 Gb Paging File | 5.50 Gb Available in Paging File | 70.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 45.74 Gb Free Space | 10.14% Space Free | Partition Type: NTFS

Computer Name: LELOUCH-PC | User Name: Lelouch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/12 10:06:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lelouch\Desktop\OTL.exe
PRC - [2012/07/04 00:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/04 00:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/19 10:17:38 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/29 10:08:38 | 000,066,872 | ---- | M] () -- C:\WINDOWS\SysWOW64\PnkBstrA.exe
PRC - [2011/10/15 16:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/11/18 01:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/06 12:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/06 12:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/04 01:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/11/04 00:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/04 00:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010/11/02 11:40:30 | 002,006,664 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2010/11/02 11:40:30 | 000,093,832 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2010/11/02 11:40:28 | 002,428,552 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2010/10/06 10:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 10:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/08/21 07:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/08/20 10:55:14 | 000,320,888 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe
PRC - [2010/08/20 07:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/08/12 07:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010/03/12 15:43:38 | 000,241,808 | ---- | M] (Paltiosoft Inc.) -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
PRC - [2010/01/12 02:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2003/02/18 13:19:14 | 000,294,400 | ---- | M] (Shatran Software) -- C:\Program Files (x86)\Quick ShutDown\qsd.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/12 09:17:00 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a0b35ba07be52485fdb6f36c2b1f880a\System.Web.ni.dll
MOD - [2012/07/12 09:16:56 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\12dc22db56f7933e84654ecc590beba5\System.Runtime.Remoting.ni.dll
MOD - [2012/07/12 09:16:35 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\828e99a57411166ccc26d24be089ba44\System.Windows.Forms.ni.dll
MOD - [2012/07/12 09:16:29 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\502adc65e43b9d025cba1fd0bfa964a8\System.Drawing.ni.dll
MOD - [2012/07/12 09:16:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\5b10c18a074132f1ae4a86d860cf9615\WindowsBase.ni.dll
MOD - [2012/07/12 09:16:10 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb0e4de1afd3f2efbbf39a5e39f646a\System.Xml.ni.dll
MOD - [2012/07/12 09:16:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2a5cbab122112cd4291b684e67460c16\System.Configuration.ni.dll
MOD - [2012/07/12 09:16:04 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9447bd5b21a91081d4275b4c4401b1f9\System.ni.dll
MOD - [2012/07/12 09:15:10 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2ab531f4915cccb998c4e852fb7efd00\mscorlib.ni.dll
MOD - [2012/06/19 10:17:38 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/10/15 00:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010/11/30 10:04:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010/11/02 11:40:34 | 000,087,176 | ---- | M] () -- C:\WINDOWS\SysWOW64\FAIEExtension.dll
MOD - [2010/11/02 11:40:30 | 000,057,480 | ---- | M] () -- C:\WINDOWS\SysWOW64\FAib.dll
MOD - [2010/11/02 11:40:24 | 000,248,968 | ---- | M] () -- C:\WINDOWS\SysWOW64\FACrashRpt.dll
MOD - [2010/08/12 07:19:34 | 000,077,024 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2010/08/12 07:19:32 | 000,109,792 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2010/08/12 07:19:32 | 000,072,928 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2010/08/12 07:19:30 | 000,232,672 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2010/08/12 07:19:30 | 000,126,176 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2010/08/12 07:19:30 | 000,119,008 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2010/08/12 07:19:26 | 001,121,504 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2010/08/12 07:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2009/05/05 19:10:56 | 000,327,168 | ---- | M] () -- C:\Program Files (x86)\WideCap\widecapdrv.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/07/04 00:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/12/14 12:46:50 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/08/13 18:09:32 | 001,844,224 | ---- | M] (Proxy Labs) [Disabled | Stopped] -- C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe -- (pcapsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/21 19:47:52 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/12/18 03:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2010/12/18 03:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/12/18 03:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2010/11/30 04:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/09/23 07:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/31 03:42:00 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2010/01/12 02:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/06/19 10:17:38 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/14 12:47:00 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/12/14 12:46:50 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/10/29 10:08:38 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/15 16:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/11/25 18:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 18:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/11/06 12:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/11/04 01:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/04 00:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/02 11:40:28 | 002,428,552 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2010/10/06 10:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/10/06 10:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/08/26 09:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/08/21 07:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/08/20 10:55:14 | 000,320,888 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -- (BFBackupUtilityService)
SRV - [2010/04/28 12:17:02 | 000,359,288 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -- (BFBackupUtilityVSSService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/12 15:43:38 | 000,241,808 | ---- | M] (Paltiosoft Inc.) [Auto | Running] -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe -- (UCManSvc)
SRV - [2009/07/13 01:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\WINDOWS\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/04 00:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/04 00:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/04 00:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/04 00:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/04 00:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/07/04 00:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/04/03 14:56:21 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/04/03 14:47:11 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/10/15 16:53:00 | 000,249,152 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2011/10/15 16:53:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/03 15:20:38 | 000,027,848 | ---- | M] (RSJ Software GmbH) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\vproiah.sys -- (vproiah)
DRV:64bit: - [2011/07/13 14:22:00 | 000,072,016 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\bftpdskc64.sys -- (bftpdskc64)
DRV:64bit: - [2011/07/08 07:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/07/06 23:14:42 | 000,145,008 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/07/01 17:46:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/01/21 19:47:52 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/16 00:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2011/01/08 09:42:34 | 012,262,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/12/21 22:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2010/12/11 05:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/11 05:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/04 06:32:24 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/12/01 18:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/30 04:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/23 00:41:08 | 000,167,920 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\C2SCSI64.SYS -- (c2scsi64)
DRV:64bit: - [2010/11/20 21:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 19:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/06 12:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/04 18:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/11/04 16:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010/10/30 08:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/27 03:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/10/21 15:47:12 | 000,020,608 | ---- | M] (BUFFALO INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bftpusbx64.sys -- (bftpusbx64)
DRV:64bit: - [2010/10/20 07:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/09/21 22:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/08/12 23:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/07/31 07:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2010/07/02 01:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/03/19 16:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/10 10:30:00 | 000,047,232 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\BFRD4G.sys -- (BFRD4G)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 01:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:64bit: - [2009/06/11 04:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/09/25 09:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2006/11/02 01:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/04/15 06:57:30 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Stopped] -- C:\WINDOWS\SysWOW64\STEC3.sys -- (STEC3)
DRV - [2011/12/12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://inm.startya.c...=575&country=MY
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www1.ap.dell....c=my&l=en&s=gen
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{32F9BA74-B3CA-4441-9A16-E7E7C6EC4183}: "URL" = http://malaysia.sear...p={searchTerms}
IE - HKCU\..\SearchScopes\{A89CA510-D2CE-B184-4A81-8F61AD65D953}: "URL" = http://inm.startya.c...o&cfg=2-575-0-0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://www.google.co...-8&oe=utf-8&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@iahgames.com/prodown: C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll (RSJ Software GmbH)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rsj.de/prodown: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lelouch\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lelouch\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Lelouch\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/03/30 17:08:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/07/12 02:32:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/11 14:37:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 10:17:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/11 14:33:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Lelouch\AppData\Roaming\IDM\idmmzcc5 [2011/11/27 07:04:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 10:17:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/11 14:33:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Lelouch\AppData\Roaming\IDM\idmmzcc5 [2011/11/27 07:04:03 | 000,000,000 | ---D | M]

[2011/06/26 09:48:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Extensions
[2012/07/04 18:44:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\extensions
[2011/11/27 10:08:46 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2012/07/11 06:50:46 | 000,001,398 | ---- | M] () -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\searchplugins\sankaku-channel.xml
[2011/06/26 11:22:52 | 000,001,056 | ---- | M] () -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\searchplugins\yahoo-zugo.xml
[2012/07/11 14:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/11 14:33:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2011/08/29 00:16:31 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/07/17 22:47:13 | 000,097,169 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
[2012/05/27 20:21:56 | 000,258,567 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2012/03/23 23:38:44 | 000,049,303 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{4C7097F7-08F2-4EF2-9B9F-F95FA4CBB064}.XPI
[2011/07/03 15:41:22 | 000,059,893 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{792BDDFE-2E7C-42ED-B18D-18154D2761BD}.XPI
[2012/02/14 18:13:26 | 000,105,380 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\[email protected]
[2011/06/26 10:21:26 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\[email protected]
[2012/06/19 10:17:38 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011/07/12 05:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/06/19 10:17:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/19 10:17:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: IAHGames (Enabled) = C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Lelouch\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Mr. Bounce = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfdmocmkakkkbgcoifcenchgkokpecl\1.0.52_0\
CHR - Extension: Marvel Comics = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice\1.0.0.0_0\
CHR - Extension: Troll Emoticons = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik\4.6.7_0\
CHR - Extension: avast! WebRep = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Curling = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0\
CHR - Extension: Robot Theme, inspired by Android\u2122 = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeljdmeofcikjblcoehpmdnooimalbmj\0.2.2_0\

O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120619100602.dll (McAfee, Inc.)
O2:64bit: - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (AddTask Class) - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\eREAD6.0\eREAD6.0\WebHook.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120619100602.dll (McAfee, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Lelouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Quick ShutDown.lnk = C:\Program Files (x86)\Quick ShutDown\qsd.exe (Shatran Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\pcapwsp.dll (Proxy Labs)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - ppcapwsp.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWow64\pcapwsp.dll (Proxy Labs)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\winrnr.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4671B274-FAEB-4888-BE49-59D743A69CD7}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\creator12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\discimageloader12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nobuclient.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pcapui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\prodreg.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\retrieve12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\roxiocentralfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\USERS\LELOUCH\DESKTOP\APPLICATION\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O27 - HKLM IFEO\creator12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\discimageloader12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nobuclient.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pcapui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\prodreg.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\retrieve12oem.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\roxiocentralfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\USERS\LELOUCH\DESKTOP\APPLICATION\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\Shell\AutoRun\command - "" = G:\Install.exe
O33 - MountPoints2\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6c6fcf20-d619-11e0-b690-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{6c6fcf20-d619-11e0-b690-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a4421972-aee2-11e0-a186-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{a4421972-aee2-11e0-a186-bc77372f502f}\Shell\AutoRun\command - "" = H:\Windows\CHECK\DriveNavigator.exe
O33 - MountPoints2\{d4fd73f5-d565-11e0-817b-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{d4fd73f5-d565-11e0-817b-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d4fd7404-d565-11e0-817b-bc77372f502f}\Shell - "" = AutoRun
O33 - MountPoints2\{d4fd7404-d565-11e0-817b-bc77372f502f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/12 10:06:31 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Lelouch\Desktop\OTL.exe
[2012/07/12 09:59:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/07/12 09:44:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ノ「サェタヨ(Sankarea) WINDOWS 7 THEME
[2012/07/12 09:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FateZero Windows 7 THEME
[2012/07/12 09:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\シワマヌソユヨョヌナ(hoshikaka) Windows 7 THEME
[2012/07/12 09:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortune Arterial by weidao WINDOWS 7 THEME
[2012/07/12 09:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ボマ゙ヒケフリタュヘミヒケ(Infinite Stratos) WINDOWS 7 THEME
[2012/07/12 09:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\トァキィノルナョヤイマ・MADOKA MAGICA) WINDOWS 7 THEME
[2012/07/12 09:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MMメサラ・by weidao WINDOWS 7 THEME
[2012/07/12 09:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ールサィ釀ツメ SAMURAI GIRLS WINDOWS 7 THEME
[2012/07/12 09:23:28 | 000,000,000 | ---D | C] -- C:\Windows\ACGDIYBAK
[2012/07/11 22:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\邉オッオトムヌタヌ(Aria The Scarlet Ammo) Windows 7 THEME
[2012/07/11 22:52:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ツカオルオトヘ貔゚ BY エソメ﨔カオタ WINDOWS 7 THEME
[2012/07/11 22:34:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/07/11 22:33:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/07/11 14:37:21 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/07/11 14:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/07/11 14:37:20 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/07/11 14:37:17 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/07/11 14:37:17 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/07/11 14:37:16 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/07/11 14:37:13 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/07/11 14:37:13 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/07/11 14:36:56 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/11 14:36:55 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/07/11 14:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/07/11 14:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/07/11 14:33:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/07/11 14:27:10 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Lelouch\Desktop\dds.scr
[2012/07/11 12:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/07/11 09:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/06/24 19:49:04 | 000,000,000 | ---D | C] -- C:\TEATIME
[2012/06/24 08:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2012/06/24 08:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/12 10:06:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lelouch\Desktop\OTL.exe
[2012/07/12 10:00:48 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/12 10:00:48 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/12 09:58:32 | 000,005,658 | ---- | M] () -- C:\Users\Lelouch\AppData\Local\recently-used.xbel
[2012/07/12 09:52:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/12 09:52:37 | 3148,218,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/12 09:50:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3405665497-2748038552-3055002692-1001UA.job
[2012/07/12 09:30:39 | 000,727,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/12 09:30:39 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/12 09:30:39 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/12 06:44:08 | 000,475,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/12 05:50:14 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3405665497-2748038552-3055002692-1001Core.job
[2012/07/11 15:32:00 | 000,000,110 | ---- | M] () -- C:\Users\Lelouch\.gtk-bookmarks
[2012/07/11 14:37:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/07/11 14:27:26 | 000,302,592 | ---- | M] () -- C:\Users\Lelouch\Desktop\x322lkx5.exe
[2012/07/11 14:27:14 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Lelouch\Desktop\dds.scr
[2012/07/11 14:24:51 | 089,340,632 | ---- | M] () -- C:\Users\Lelouch\Desktop\avast_free_antivirus_setup.exe
[2012/07/10 00:25:58 | 000,053,380 | ---- | M] () -- C:\Users\Lelouch\Desktop\619s3vspzp.jpg
[2012/07/07 17:48:54 | 013,199,462 | ---- | M] () -- C:\Users\Lelouch\Documents\Katawa_Shoujo_Midwinter_EN.pdf
[2012/07/04 00:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/07/04 00:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/07/04 00:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/07/04 00:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/07/04 00:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/07/04 00:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/07/04 00:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/04 00:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/07/04 00:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/12 09:58:32 | 000,005,658 | ---- | C] () -- C:\Users\Lelouch\AppData\Local\recently-used.xbel
[2012/07/11 15:32:00 | 000,000,110 | ---- | C] () -- C:\Users\Lelouch\.gtk-bookmarks
[2012/07/11 14:37:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/07/11 14:27:20 | 000,302,592 | ---- | C] () -- C:\Users\Lelouch\Desktop\x322lkx5.exe
[2012/07/11 13:51:05 | 089,340,632 | ---- | C] () -- C:\Users\Lelouch\Desktop\avast_free_antivirus_setup.exe
[2012/07/10 00:38:35 | 000,053,380 | ---- | C] () -- C:\Users\Lelouch\Desktop\619s3vspzp.jpg
[2012/07/07 17:48:54 | 013,199,462 | ---- | C] () -- C:\Users\Lelouch\Documents\Katawa_Shoujo_Midwinter_EN.pdf
[2012/03/31 08:41:35 | 000,217,200 | ---- | C] () -- C:\ProgramData\Zl0Mt82b.exe
[2012/03/31 08:41:29 | 000,455,592 | ---- | C] () -- C:\ProgramData\aueif3S8.exe
[2012/03/31 08:41:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\9I2UgDED.exe
[2012/03/31 08:41:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\13V8G8i4.exe
[2012/02/17 19:36:25 | 000,657,213 | ---- | C] () -- C:\Windows\Condition Zero Uninstaller.exe
[2012/01/26 17:44:05 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2012/01/26 17:44:05 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2012/01/26 17:44:05 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2012/01/26 17:44:05 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2012/01/26 17:44:05 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2012/01/26 17:44:05 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2012/01/26 17:44:05 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2012/01/26 17:44:05 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2012/01/26 17:44:05 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2012/01/26 17:44:05 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2012/01/26 17:44:05 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2012/01/26 17:44:05 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2012/01/26 17:44:05 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2012/01/26 17:44:05 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2012/01/26 17:44:05 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2012/01/26 17:44:05 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2012/01/26 17:44:05 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2012/01/26 17:44:05 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2012/01/26 17:44:05 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/12/03 17:46:43 | 000,022,566 | ---- | C] () -- C:\Windows\UN091222.INI
[2011/12/03 17:46:39 | 000,014,252 | ---- | C] () -- C:\Windows\UN091114.INI
[2011/12/03 17:46:33 | 000,035,896 | ---- | C] () -- C:\Windows\UN091111.INI
[2011/12/03 17:46:30 | 000,013,773 | ---- | C] () -- C:\Windows\UN091201.INI
[2011/10/29 10:08:39 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/29 10:08:38 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/10/29 10:08:38 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/10/08 00:01:47 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/10/08 00:01:44 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/10/08 00:01:38 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/10/08 00:01:37 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/09/16 23:25:11 | 000,010,752 | ---- | C] () -- C:\Users\Lelouch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/25 23:19:23 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI
[2011/08/25 12:23:06 | 000,072,621 | ---- | C] () -- C:\Windows\rodflashvideoss_uninst.exe
[2011/08/15 15:41:04 | 000,000,000 | ---- | C] () -- C:\Users\Lelouch\AppData\Local\rx_image32.Cache
[2011/08/13 18:08:50 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll
[2011/07/14 23:14:38 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/07/14 23:14:38 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/06/26 04:53:06 | 000,735,230 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/30 19:21:27 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/03/30 19:21:27 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/03/30 19:21:26 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/03/30 19:20:53 | 000,000,096 | ---- | C] () -- C:\Windows\LaunApp.ini
[2011/03/30 19:20:50 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2011/03/30 19:20:50 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2011/03/30 19:20:50 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2011/03/30 19:20:50 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2011/03/30 19:20:50 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2011/03/30 19:20:50 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2011/03/30 16:56:38 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
[2011/03/30 16:50:22 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/02/12 05:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/12/10 08:33:11 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010/11/02 11:40:34 | 000,087,176 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2010/11/02 11:40:30 | 000,057,480 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2010/11/02 11:40:24 | 000,248,968 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

========== LOP Check ==========

[2011/08/02 05:36:17 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Azureus
[2011/10/12 17:54:08 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Bitdreamers
[2011/12/03 17:47:30 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\BUFFALO
[2011/10/13 13:24:43 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\COWON
[2012/07/04 16:30:39 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\DAEMON Tools Lite
[2012/07/11 18:41:58 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\DMCache
[2012/03/08 12:35:17 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Ethereal
[2011/06/29 10:15:48 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Fingertapps
[2012/07/11 18:41:28 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\foobar2000
[2012/05/05 10:40:33 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\gtk-2.0
[2012/04/07 12:46:45 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\IDM
[2011/07/18 21:14:13 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\IDT
[2011/07/29 10:20:34 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\KaiunOmikuji
[2011/07/29 10:20:49 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\KaraageTimer
[2011/08/03 08:40:41 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\KtaiGadget
[2011/06/26 04:52:16 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Leadertech
[2011/10/07 22:15:09 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Mal Updater
[2011/09/02 22:12:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Maxis Broadband
[2012/02/08 14:35:35 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\MFTG
[2012/06/29 22:32:01 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Mp3tag
[2012/03/08 13:22:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\NetMeter
[2012/06/03 18:01:35 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Nitroplus
[2011/08/02 18:56:01 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\NoKagakuSokuteiki
[2011/07/01 17:02:59 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Opera
[2012/03/29 07:06:10 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\PACE Anti-Piracy
[2011/08/29 00:16:29 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\QuickStoresToolbar
[2012/07/12 20:32:00 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Rainmeter
[2012/01/15 06:34:25 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\RenPy
[2011/07/28 11:05:45 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\savedata
[2012/07/08 00:51:01 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\SoftGrid Client
[2011/12/26 18:46:16 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Sync App Settings
[2011/12/25 08:42:15 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\SystemRequirementsLab
[2011/06/29 12:39:45 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Teeworlds
[2011/10/11 07:33:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\TimeComX
[2011/06/26 04:53:30 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\TP
[2012/01/25 23:53:30 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\TuneUp Software
[2012/03/29 07:06:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Unity
[2012/07/12 07:01:33 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\uTorrent
[2012/06/01 19:03:00 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/01/20 15:00:10 | 000,000,000 | ---- | M] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&
[2012/01/20 15:00:10 | 000,000,000 | ---- | C] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&

< End of report >
  • 0

#4
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
If you are not having any symptoms than the decision to continue is up to you but I see some malware that has not been removed.

Regards,

CompCav
  • 0

#5
finn the human

finn the human

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I decided to continue because the same symptom appeared again after I reboot. The real-time scan can't be on and my antivirus can't be update. Here are all the logs your asked me to post.

OTL fix log

========== OTL ==========
Error: No service named f76e332751cf096b was found to stop!
Service\Driver key f76e332751cf096b not found.
File C:\Windows\SysNative\drivers\f76e332751cf096b.sys not found.
Error: No service named f76e332751cf096b was found to stop!
Service\Driver key f76e332751cf096b not found.
File C:\Windows\SysNative\drivers\f76e332751cf096b.sys not found.
C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\searchplugins\yahoo-zugo.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
C:\Program Files (x86)\uTorrent\uTorrent.exe moved successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\creator12oem.exe\ deleted successfully.
C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\discimageloader12oem.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nobuclient.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcapui.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prodreg.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\retrieve12oem.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\roxiocentralfx.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\creator12oem.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\discimageloader12oem.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nobuclient.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcapui.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prodreg.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\retrieve12oem.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\roxiocentralfx.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4c8fd299-aea5-11e1-8bfc-bc77372f502f}\ not found.
File G:\Install.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c6fcf0d-d619-11e0-b690-bc77372f502f}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c6fcf20-d619-11e0-b690-bc77372f502f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c6fcf20-d619-11e0-b690-bc77372f502f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c6fcf20-d619-11e0-b690-bc77372f502f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c6fcf20-d619-11e0-b690-bc77372f502f}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4421972-aee2-11e0-a186-bc77372f502f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4421972-aee2-11e0-a186-bc77372f502f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4421972-aee2-11e0-a186-bc77372f502f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4421972-aee2-11e0-a186-bc77372f502f}\ not found.
File H:\Windows\CHECK\DriveNavigator.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4fd73f5-d565-11e0-817b-bc77372f502f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d4fd73f5-d565-11e0-817b-bc77372f502f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4fd73f5-d565-11e0-817b-bc77372f502f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d4fd73f5-d565-11e0-817b-bc77372f502f}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4fd7404-d565-11e0-817b-bc77372f502f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d4fd7404-d565-11e0-817b-bc77372f502f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4fd7404-d565-11e0-817b-bc77372f502f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d4fd7404-d565-11e0-817b-bc77372f502f}\ not found.
File G:\AutoRun.exe not found.
File C:\Windows\SysNative\drivers\f76e332751cf096b.sys not found.
File C:\Users\Lelouch\0i763f66bz.exe not found.
C:\ProgramData\Zl0Mt82b.exe moved successfully.
C:\ProgramData\aueif3S8.exe moved successfully.
C:\ProgramData\9I2UgDED.exe moved successfully.
C:\ProgramData\13V8G8i4.exe moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Lelouch\Desktop\cmd.bat deleted successfully.
C:\Users\Lelouch\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Lelouch
->Java cache emptied: 5302017 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 5.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Lelouch
->Flash cache emptied: 1341 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.54.0 log created on 07132012_084629




All RKreport.txt logs


RogueKiller V7.6.3 [07/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Lelouch [Admin rights]
Mode: Scan -- Date: 07/13/2012 08:51:43

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 7 ¤¤¤
[IFEO] HKLM\[...]\Image File Execution Options : taskmgr.exe ("C:\USERS\LELOUCH\DESKTOP\APPLICATION\PROCEXP.EXE") -> FOUND
[SCRSV] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\Windows\ダイバ~1.SCR) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
˙ž1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM500JJ (TurboPC) +++++
--- User ---
[MBR] 99d2f71d2603bf654109f7d8e1e72266
[BSP] 0367d923a854510eca8b99d89a80cb83 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 461838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt


RogueKiller V7.6.3 [07/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Lelouch [Admin rights]
Mode: Remove -- Date: 07/13/2012 08:52:07

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 7 ¤¤¤
[IFEO] HKLM\[...]\Image File Execution Options : taskmgr.exe ("C:\USERS\LELOUCH\DESKTOP\APPLICATION\PROCEXP.EXE") -> DELETED
[SCRSV] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\Windows\ダイバ~1.SCR) -> REPLACED (c:\windows\system32\logon.scr)
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
˙ž1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM500JJ (TurboPC) +++++
--- User ---
[MBR] 99d2f71d2603bf654109f7d8e1e72266
[BSP] 0367d923a854510eca8b99d89a80cb83 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 461838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt


RogueKiller V7.6.3 [07/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Lelouch [Admin rights]
Mode: Shortcuts HJfix -- Date: 07/13/2012 08:57:28

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 7 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 29 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 956 / Fail 0
My documents: Success 1 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 322 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 747 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
[E:] \Device\CdRom1 -- 0x5 --> Skipped
[F:] \Device\CdRom2 -- 0x5 --> Skipped
[Q:] \Device\SftVol -- 0x3 --> Restored

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt




aswMBR log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-13 08:58:37
-----------------------------
08:58:37.654 OS Version: Windows x64 6.1.7601 Service Pack 1
08:58:37.654 Number of processors: 8 586 0x2A07
08:58:37.654 ComputerName: LELOUCH-PC UserName: Lelouch
08:58:38.730 Initialize success
08:58:38.793 AVAST engine defs: 12071201
08:58:42.131 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:58:42.131 Disk 0 Vendor: SAMSUNG_ 2AK1 Size: 476940MB BusType: 3
08:58:42.147 Disk 0 MBR read successfully
08:58:42.162 Disk 0 MBR scan
08:58:42.162 Disk 0 Windows 7 default MBR code
08:58:42.178 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
08:58:42.194 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
08:58:42.194 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461838 MB offset 30926848
08:58:42.209 Disk 0 scanning C:\Windows\system32\drivers
08:58:53.020 Service scanning
08:59:13.753 Modules scanning
08:59:14.330 Disk 0 trace - called modules:
08:59:14.361 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys sptd.sys hal.dll
08:59:14.377 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b45060]
08:59:14.377 3 CLASSPNP.SYS[fffff88001d9743f] -> nt!IofCallDriver -> [0xfffffa800483ae40]
08:59:14.392 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004867050]
08:59:15.359 AVAST engine scan C:\Windows
08:59:18.526 AVAST engine scan C:\Windows\system32
09:01:14.512 AVAST engine scan C:\Windows\system32\drivers
09:01:25.838 AVAST engine scan C:\Users\Lelouch
09:29:20.316 AVAST engine scan C:\ProgramData
09:31:02.480 Scan finished successfully
09:40:14.113 Disk 0 MBR has been saved successfully to "C:\Users\Lelouch\Desktop\MBR.dat"
09:40:14.128 The log file has been saved successfully to "C:\Users\Lelouch\Desktop\aswMBR.txt"



OTL.txt

OTL logfile created on: 7/13/2012 9:42:43 AM - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Lelouch\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

3.91 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 32.00% Memory free
7.82 Gb Paging File | 4.81 Gb Available in Paging File | 61.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 41.38 Gb Free Space | 9.18% Space Free | Partition Type: NTFS

Computer Name: LELOUCH-PC | User Name: Lelouch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/12 10:06:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lelouch\Desktop\OTL.exe
PRC - [2012/07/04 00:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/04 00:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/06/19 10:17:38 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/29 10:08:38 | 000,066,872 | ---- | M] () -- C:\WINDOWS\SysWOW64\PnkBstrA.exe
PRC - [2011/10/15 16:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/11/18 01:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/06 12:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/06 12:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/04 01:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/11/04 00:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/04 00:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010/11/02 11:40:30 | 002,006,664 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2010/11/02 11:40:30 | 000,093,832 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2010/11/02 11:40:28 | 002,428,552 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2010/10/06 10:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 10:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/08/21 07:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/08/20 10:55:14 | 000,320,888 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe
PRC - [2010/08/20 07:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/08/12 07:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2010/03/12 15:43:38 | 000,241,808 | ---- | M] (Paltiosoft Inc.) -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
PRC - [2010/01/12 02:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2003/02/18 13:19:14 | 000,294,400 | ---- | M] (Shatran Software) -- C:\Program Files (x86)\Quick ShutDown\qsd.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/12 11:27:08 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3ac345f23c9bf10342c5c12f2d2c5728\IAStorUtil.ni.dll
MOD - [2012/07/12 11:27:08 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\23917a73056cd44ac791a08442c9848a\IAStorCommon.ni.dll
MOD - [2012/07/12 09:16:56 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\12dc22db56f7933e84654ecc590beba5\System.Runtime.Remoting.ni.dll
MOD - [2012/07/12 09:16:35 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\828e99a57411166ccc26d24be089ba44\System.Windows.Forms.ni.dll
MOD - [2012/07/12 09:16:29 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\502adc65e43b9d025cba1fd0bfa964a8\System.Drawing.ni.dll
MOD - [2012/07/12 09:16:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\5b10c18a074132f1ae4a86d860cf9615\WindowsBase.ni.dll
MOD - [2012/07/12 09:16:10 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb0e4de1afd3f2efbbf39a5e39f646a\System.Xml.ni.dll
MOD - [2012/07/12 09:16:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2a5cbab122112cd4291b684e67460c16\System.Configuration.ni.dll
MOD - [2012/07/12 09:16:04 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9447bd5b21a91081d4275b4c4401b1f9\System.ni.dll
MOD - [2012/07/12 09:15:10 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2ab531f4915cccb998c4e852fb7efd00\mscorlib.ni.dll
MOD - [2012/06/19 10:17:38 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/10/15 00:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010/11/30 10:04:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010/11/02 11:40:34 | 000,087,176 | ---- | M] () -- C:\WINDOWS\SysWOW64\FAIEExtension.dll
MOD - [2010/11/02 11:40:30 | 000,057,480 | ---- | M] () -- C:\WINDOWS\SysWOW64\FAib.dll
MOD - [2010/11/02 11:40:24 | 000,248,968 | ---- | M] () -- C:\WINDOWS\SysWOW64\FACrashRpt.dll
MOD - [2010/08/12 07:19:34 | 000,077,024 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2010/08/12 07:19:32 | 000,109,792 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2010/08/12 07:19:32 | 000,072,928 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2010/08/12 07:19:30 | 000,232,672 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2010/08/12 07:19:30 | 000,126,176 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2010/08/12 07:19:30 | 000,119,008 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2010/08/12 07:19:26 | 001,121,504 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2010/08/12 07:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2009/05/05 19:10:56 | 000,327,168 | ---- | M] () -- C:\Program Files (x86)\WideCap\widecapdrv.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/07/04 00:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/12/14 12:46:50 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/08/13 18:09:32 | 001,844,224 | ---- | M] (Proxy Labs) [Disabled | Stopped] -- C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe -- (pcapsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/21 19:47:52 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/12/18 03:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2010/12/18 03:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/12/18 03:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2010/11/30 04:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/09/23 07:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/31 03:42:00 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2010/01/12 02:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/19 10:17:38 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/14 12:47:00 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/12/14 12:46:50 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/10/29 10:08:38 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/15 16:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/11/25 18:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 18:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/11/06 12:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/11/04 01:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/04 00:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/02 11:40:28 | 002,428,552 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2010/10/06 10:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/10/06 10:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/08/26 09:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/08/21 07:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/08/20 10:55:14 | 000,320,888 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -- (BFBackupUtilityService)
SRV - [2010/04/28 12:17:02 | 000,359,288 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -- (BFBackupUtilityVSSService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/12 15:43:38 | 000,241,808 | ---- | M] (Paltiosoft Inc.) [Auto | Running] -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe -- (UCManSvc)
SRV - [2009/07/13 01:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\WINDOWS\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/04 00:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/04 00:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/04 00:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/04 00:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/04 00:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/07/04 00:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/04/03 14:56:21 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/04/03 14:47:11 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/10/15 16:53:00 | 000,249,152 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2011/10/15 16:53:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/03 15:20:38 | 000,027,848 | ---- | M] (RSJ Software GmbH) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\vproiah.sys -- (vproiah)
DRV:64bit: - [2011/07/13 14:22:00 | 000,072,016 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\bftpdskc64.sys -- (bftpdskc64)
DRV:64bit: - [2011/07/08 07:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/07/06 23:14:42 | 000,145,008 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/07/01 17:46:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/01/21 19:47:52 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/16 00:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2011/01/08 09:42:34 | 012,262,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/12/21 22:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2010/12/11 05:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/11 05:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/04 06:32:24 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/12/01 18:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/30 04:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/23 00:41:08 | 000,167,920 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\C2SCSI64.SYS -- (c2scsi64)
DRV:64bit: - [2010/11/20 21:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 19:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/06 12:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/04 18:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/11/04 16:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010/10/30 08:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/27 03:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/10/21 15:47:12 | 000,020,608 | ---- | M] (BUFFALO INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bftpusbx64.sys -- (bftpusbx64)
DRV:64bit: - [2010/10/20 07:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/09/21 22:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/08/12 23:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/07/31 07:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2010/07/02 01:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/03/19 16:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/10 10:30:00 | 000,047,232 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\BFRD4G.sys -- (BFRD4G)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 01:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:64bit: - [2009/06/11 04:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/09/25 09:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2006/11/02 01:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/04/15 06:57:30 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Stopped] -- C:\WINDOWS\SysWOW64\STEC3.sys -- (STEC3)
DRV - [2011/12/12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://inm.startya.c...=575&country=MY
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www1.ap.dell....c=my&l=en&s=gen
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\..\SearchScopes\{32F9BA74-B3CA-4441-9A16-E7E7C6EC4183}: "URL" = http://malaysia.sear...p={searchTerms}
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\..\SearchScopes\{A89CA510-D2CE-B184-4A81-8F61AD65D953}: "URL" = http://inm.startya.c...o&cfg=2-575-0-0
IE - HKU\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://www.google.co...-8&oe=utf-8&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@iahgames.com/prodown: C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll (RSJ Software GmbH)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rsj.de/prodown: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lelouch\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lelouch\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Lelouch\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/03/30 17:08:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/07/12 02:32:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/11 14:37:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 10:17:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/11 14:33:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Lelouch\AppData\Roaming\IDM\idmmzcc5 [2011/11/27 07:04:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 10:17:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/11 14:33:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Lelouch\AppData\Roaming\IDM\idmmzcc5 [2011/11/27 07:04:03 | 000,000,000 | ---D | M]

[2011/06/26 09:48:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Extensions
[2012/07/04 18:44:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\extensions
[2011/11/27 10:08:46 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2012/07/11 06:50:46 | 000,001,398 | ---- | M] () -- C:\Users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\searchplugins\sankaku-channel.xml
[2012/07/11 14:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/11 14:33:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2011/08/29 00:16:31 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/07/17 22:47:13 | 000,097,169 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
[2012/05/27 20:21:56 | 000,258,567 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2012/03/23 23:38:44 | 000,049,303 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{4C7097F7-08F2-4EF2-9B9F-F95FA4CBB064}.XPI
[2011/07/03 15:41:22 | 000,059,893 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\{792BDDFE-2E7C-42ED-B18D-18154D2761BD}.XPI
[2012/02/14 18:13:26 | 000,105,380 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\[email protected]
[2011/06/26 10:21:26 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\LELOUCH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HHQ0UUE9.DEFAULT\EXTENSIONS\[email protected]
[2012/06/19 10:17:38 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011/07/12 05:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/06/19 10:17:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/19 10:17:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: IAHGames (Enabled) = C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Lelouch\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Lelouch\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Mr. Bounce = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfdmocmkakkkbgcoifcenchgkokpecl\1.0.52_0\
CHR - Extension: Marvel Comics = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice\1.0.0.0_0\
CHR - Extension: Troll Emoticons = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik\4.6.7_0\
CHR - Extension: avast! WebRep = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Curling = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0\
CHR - Extension: Robot Theme, inspired by Android\u2122 = C:\Users\Lelouch\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeljdmeofcikjblcoehpmdnooimalbmj\0.2.2_0\

O1 HOSTS File: ([2012/07/13 08:46:35 | 000,000,098 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120619100602.dll (McAfee, Inc.)
O2:64bit: - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (AddTask Class) - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\eREAD6.0\eREAD6.0\WebHook.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120619100602.dll (McAfee, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3405665497-2748038552-3055002692-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Lelouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Quick ShutDown.lnk = C:\Program Files (x86)\Quick ShutDown\qsd.exe (Shatran Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\pcapwsp.dll (Proxy Labs)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - ppcapwsp.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWow64\pcapwsp.dll (Proxy Labs)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\WideCap\widecapdrv.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\winrnr.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4671B274-FAEB-4888-BE49-59D743A69CD7}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: UxTuneUp - C:\WINDOWS\SysNative\uxtuneup.dll (TuneUp Software)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/13 08:50:19 | 000,000,000 | ---D | C] -- C:\Users\Lelouch\Desktop\RK_Quarantine
[2012/07/13 08:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/07/13 08:46:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/13 07:01:50 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Lelouch\Desktop\aswMBR.exe
[2012/07/13 06:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/07/12 10:06:31 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Lelouch\Desktop\OTL.exe
[2012/07/12 09:44:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ノ「サェタヨ(Sankarea) WINDOWS 7 THEME
[2012/07/12 09:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FateZero Windows 7 THEME
[2012/07/12 09:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\シワマヌソユヨョヌナ(hoshikaka) Windows 7 THEME
[2012/07/12 09:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortune Arterial by weidao WINDOWS 7 THEME
[2012/07/12 09:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ボマ゙ヒケフリタュヘミヒケ(Infinite Stratos) WINDOWS 7 THEME
[2012/07/12 09:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\トァキィノルナョヤイマ・MADOKA MAGICA) WINDOWS 7 THEME
[2012/07/12 09:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MMメサラ・by weidao WINDOWS 7 THEME
[2012/07/12 09:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ールサィ釀ツメ SAMURAI GIRLS WINDOWS 7 THEME
[2012/07/12 09:23:28 | 000,000,000 | ---D | C] -- C:\Windows\ACGDIYBAK
[2012/07/12 05:43:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/07/12 05:43:00 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/07/12 05:42:59 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/07/12 05:42:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/12 05:42:34 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/12 05:42:33 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/12 05:42:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/12 05:42:32 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/12 05:42:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/12 05:42:31 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/12 05:42:31 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/12 05:42:30 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/12 05:42:30 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/12 05:42:30 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/12 05:42:29 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/12 05:42:29 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/12 05:38:37 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/07/12 05:38:34 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/07/12 05:38:34 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/07/12 05:38:32 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/07/12 05:38:26 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/07/12 05:38:24 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/07/12 05:37:47 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/12 05:37:38 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/12 05:37:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/12 05:37:23 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/11 22:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\邉オッオトムヌタヌ(Aria The Scarlet Ammo) Windows 7 THEME
[2012/07/11 22:52:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ツカオルオトヘ貔゚ BY エソメ﨔カオタ WINDOWS 7 THEME
[2012/07/11 22:34:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/07/11 22:33:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/07/11 14:37:21 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/07/11 14:37:20 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/07/11 14:37:17 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/07/11 14:37:17 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/07/11 14:37:16 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/07/11 14:37:13 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/07/11 14:37:13 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/07/11 14:36:56 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/11 14:36:55 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/07/11 14:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/07/11 14:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/07/11 14:34:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/11 14:33:21 | 000,476,936 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/07/11 14:33:21 | 000,157,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/07/11 14:33:21 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/07/11 14:33:21 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/07/11 14:33:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/07/11 14:27:10 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Lelouch\Desktop\dds.scr
[2012/07/11 12:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/07/11 09:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/06/24 19:49:04 | 000,000,000 | ---D | C] -- C:\TEATIME
[2012/06/24 08:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2012/06/24 08:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2012/06/19 06:53:37 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/19 06:53:37 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/19 06:53:37 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/19 06:53:16 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/19 06:53:16 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/19 06:53:16 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/19 06:53:00 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/19 06:53:00 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/13 09:40:14 | 000,000,512 | ---- | M] () -- C:\Users\Lelouch\Desktop\MBR.dat
[2012/07/13 08:58:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3405665497-2748038552-3055002692-1001UA.job
[2012/07/13 08:49:29 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/13 08:49:29 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/13 08:47:41 | 000,727,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/13 08:47:41 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/13 08:47:41 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/13 08:46:35 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/07/13 08:41:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/13 08:41:42 | 3148,218,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/13 07:57:00 | 000,063,435 | ---- | M] () -- C:\Users\Lelouch\Desktop\bookmarks-2012-07-13.json
[2012/07/13 07:05:51 | 001,558,016 | ---- | M] () -- C:\Users\Lelouch\Desktop\RogueKiller.exe
[2012/07/13 07:02:33 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Lelouch\Desktop\aswMBR.exe
[2012/07/13 06:58:53 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/07/13 06:52:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/07/12 21:24:11 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/12 15:14:35 | 000,016,156 | ---- | M] () -- C:\Users\Lelouch\AppData\Local\recently-used.xbel
[2012/07/12 10:58:03 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3405665497-2748038552-3055002692-1001Core.job
[2012/07/12 10:06:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lelouch\Desktop\OTL.exe
[2012/07/12 06:44:08 | 000,475,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/11 22:45:58 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2012/07/11 22:45:58 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2012/07/11 15:32:00 | 000,000,110 | ---- | M] () -- C:\Users\Lelouch\.gtk-bookmarks
[2012/07/11 14:33:10 | 000,476,936 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/07/11 14:33:10 | 000,472,840 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/07/11 14:33:10 | 000,157,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/07/11 14:33:10 | 000,149,256 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/07/11 14:33:10 | 000,149,256 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/07/11 14:27:26 | 000,302,592 | ---- | M] () -- C:\Users\Lelouch\Desktop\x322lkx5.exe
[2012/07/11 14:27:14 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Lelouch\Desktop\dds.scr
[2012/07/11 14:24:51 | 089,340,632 | ---- | M] () -- C:\Users\Lelouch\Desktop\avast_free_antivirus_setup.exe
[2012/07/10 00:25:58 | 000,053,380 | ---- | M] () -- C:\Users\Lelouch\Desktop\619s3vspzp.jpg
[2012/07/07 17:48:54 | 013,199,462 | ---- | M] () -- C:\Users\Lelouch\Documents\Katawa_Shoujo_Midwinter_EN.pdf
[2012/07/04 00:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/07/04 00:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/07/04 00:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/07/04 00:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/07/04 00:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/07/04 00:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/07/04 00:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/04 00:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/07/04 00:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/13 09:40:14 | 000,000,512 | ---- | C] () -- C:\Users\Lelouch\Desktop\MBR.dat
[2012/07/13 07:56:59 | 000,063,435 | ---- | C] () -- C:\Users\Lelouch\Desktop\bookmarks-2012-07-13.json
[2012/07/13 07:05:31 | 001,558,016 | ---- | C] () -- C:\Users\Lelouch\Desktop\RogueKiller.exe
[2012/07/13 06:58:53 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/07/12 21:24:11 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/12 15:14:35 | 000,016,156 | ---- | C] () -- C:\Users\Lelouch\AppData\Local\recently-used.xbel
[2012/07/11 15:32:00 | 000,000,110 | ---- | C] () -- C:\Users\Lelouch\.gtk-bookmarks
[2012/07/11 14:37:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/07/11 14:27:20 | 000,302,592 | ---- | C] () -- C:\Users\Lelouch\Desktop\x322lkx5.exe
[2012/07/11 13:51:05 | 089,340,632 | ---- | C] () -- C:\Users\Lelouch\Desktop\avast_free_antivirus_setup.exe
[2012/07/10 00:38:35 | 000,053,380 | ---- | C] () -- C:\Users\Lelouch\Desktop\619s3vspzp.jpg
[2012/07/07 17:48:54 | 013,199,462 | ---- | C] () -- C:\Users\Lelouch\Documents\Katawa_Shoujo_Midwinter_EN.pdf
[2012/02/17 19:36:25 | 000,657,213 | ---- | C] () -- C:\Windows\Condition Zero Uninstaller.exe
[2012/01/26 17:44:05 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2012/01/26 17:44:05 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2012/01/26 17:44:05 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2012/01/26 17:44:05 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2012/01/26 17:44:05 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2012/01/26 17:44:05 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2012/01/26 17:44:05 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2012/01/26 17:44:05 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2012/01/26 17:44:05 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2012/01/26 17:44:05 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2012/01/26 17:44:05 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2012/01/26 17:44:05 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2012/01/26 17:44:05 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2012/01/26 17:44:05 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2012/01/26 17:44:05 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2012/01/26 17:44:05 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2012/01/26 17:44:05 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2012/01/26 17:44:05 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2012/01/26 17:44:05 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/12/03 17:46:43 | 000,022,566 | ---- | C] () -- C:\Windows\UN091222.INI
[2011/12/03 17:46:39 | 000,014,252 | ---- | C] () -- C:\Windows\UN091114.INI
[2011/12/03 17:46:33 | 000,035,896 | ---- | C] () -- C:\Windows\UN091111.INI
[2011/12/03 17:46:30 | 000,013,773 | ---- | C] () -- C:\Windows\UN091201.INI
[2011/10/29 10:08:39 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/29 10:08:38 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/10/29 10:08:38 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/10/08 00:01:47 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/10/08 00:01:44 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/10/08 00:01:38 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/10/08 00:01:37 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/09/16 23:25:11 | 000,010,752 | ---- | C] () -- C:\Users\Lelouch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/25 23:19:23 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI
[2011/08/25 12:23:06 | 000,072,621 | ---- | C] () -- C:\Windows\rodflashvideoss_uninst.exe
[2011/08/15 15:41:04 | 000,000,000 | ---- | C] () -- C:\Users\Lelouch\AppData\Local\rx_image32.Cache
[2011/08/13 18:08:50 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll
[2011/07/14 23:14:38 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/07/14 23:14:38 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/06/26 04:53:06 | 000,735,230 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/30 19:21:27 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/03/30 19:21:27 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/03/30 19:21:26 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/03/30 19:20:53 | 000,000,096 | ---- | C] () -- C:\Windows\LaunApp.ini
[2011/03/30 19:20:50 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2011/03/30 19:20:50 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2011/03/30 19:20:50 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2011/03/30 19:20:50 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2011/03/30 19:20:50 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2011/03/30 19:20:50 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2011/03/30 16:56:38 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
[2011/03/30 16:50:22 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/02/12 05:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/12/10 08:33:11 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010/11/02 11:40:34 | 000,087,176 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2010/11/02 11:40:30 | 000,057,480 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2010/11/02 11:40:24 | 000,248,968 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

========== LOP Check ==========

[2011/08/02 05:36:17 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Azureus
[2011/10/12 17:54:08 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Bitdreamers
[2011/12/03 17:47:30 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\BUFFALO
[2011/10/13 13:24:43 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\COWON
[2012/07/04 16:30:39 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\DAEMON Tools Lite
[2012/07/13 08:40:40 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\DMCache
[2012/03/08 12:35:17 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Ethereal
[2011/06/29 10:15:48 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Fingertapps
[2012/07/13 08:35:40 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\foobar2000
[2012/05/05 10:40:33 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\gtk-2.0
[2012/04/07 12:46:45 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\IDM
[2011/07/18 21:14:13 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\IDT
[2011/07/29 10:20:34 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\KaiunOmikuji
[2011/07/29 10:20:49 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\KaraageTimer
[2011/08/03 08:40:41 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\KtaiGadget
[2011/06/26 04:52:16 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Leadertech
[2011/10/07 22:15:09 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Mal Updater
[2011/09/02 22:12:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Maxis Broadband
[2012/02/08 14:35:35 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\MFTG
[2012/06/29 22:32:01 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Mp3tag
[2012/03/08 13:22:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\NetMeter
[2012/06/03 18:01:35 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Nitroplus
[2011/08/02 18:56:01 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\NoKagakuSokuteiki
[2011/07/01 17:02:59 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Opera
[2012/03/29 07:06:10 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\PACE Anti-Piracy
[2011/08/29 00:16:29 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\QuickStoresToolbar
[2012/07/12 20:32:00 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Rainmeter
[2012/01/15 06:34:25 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\RenPy
[2011/07/28 11:05:45 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\savedata
[2012/07/08 00:51:01 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\SoftGrid Client
[2011/12/26 18:46:16 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Sync App Settings
[2011/12/25 08:42:15 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\SystemRequirementsLab
[2011/06/29 12:39:45 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Teeworlds
[2011/10/11 07:33:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\TimeComX
[2011/06/26 04:53:30 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\TP
[2012/01/25 23:53:30 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\TuneUp Software
[2012/03/29 07:06:53 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\Unity
[2012/07/13 08:40:40 | 000,000,000 | ---D | M] -- C:\Users\Lelouch\AppData\Roaming\uTorrent
[2012/06/01 19:03:00 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2010/12/10 08:58:09 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2010/12/10 09:16:35 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010/11/20 20:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\WINDOWS\SysWOW64\explorer.exe
[2010/11/20 20:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/12/10 08:58:09 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010/12/10 08:47:46 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2010/12/10 09:16:35 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\WINDOWS\ACGDIYBAK\201271292328\explorer.exe
[2010/12/10 09:16:35 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\WINDOWS\ACGDIYBAK\explorer.exe
[2010/12/10 09:16:35 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\WINDOWS\Resources\Themes\Aria The Scarlet Ammo-by Natsukyo\ShellChange\explorer.exe
[2010/12/10 09:16:35 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/12/10 08:47:46 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 21:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/12/10 09:16:34 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/12/10 08:47:46 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 09:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/12/10 09:16:34 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/12/10 09:16:35 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=C8983CE02F9009C5AC831F53C06E287C -- C:\WINDOWS\explorer.exe
[2010/12/10 08:58:09 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2010/12/10 08:47:46 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/12/10 08:58:09 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: SERVICES >
[2009/06/11 05:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2012/04/04 13:54:08 | 000,002,637 | ---- | M] () MD5=016DFC4F3F133AE19338EECD1924886A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2012/04/04 13:54:08 | 000,002,970 | ---- | M] () MD5=05A68D76420994EF8DF33184BFA98E04 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2012/04/04 13:54:04 | 000,002,555 | ---- | M] () MD5=272301585AC133486E70228DA27659AC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2012/04/04 13:54:02 | 000,002,562 | ---- | M] () MD5=27CE9BD3209B549BB776B8C877455A91 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2012/04/04 13:54:02 | 000,002,632 | ---- | M] () MD5=2998A4AE8D0EF5122CCB985CF7E9D9D3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2012/04/04 13:54:02 | 000,002,545 | ---- | M] () MD5=2EEC9DDBD0B4EE5F65532322C383938A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2012/04/04 13:54:04 | 000,002,629 | ---- | M] () MD5=3A0082D76426A87FB4937D426C491C10 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2012/04/04 13:54:04 | 000,002,590 | ---- | M] () MD5=448953BD0CF26CE03D9E7CC1A7B278BC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx
[2012/04/04 13:53:58 | 000,002,605 | ---- | M] () MD5=5A2C5D0DA3EAAB2AA77F16947D0E14FF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2012/04/04 13:54:04 | 000,002,679 | ---- | M] () MD5=5DD2704563A6A79C466E44CD966B2655 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2012/04/04 13:53:56 | 000,002,711 | ---- | M] () MD5=6B0E7B068BD530B8FCEBC04CC8844AA9 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2012/04/04 13:54:08 | 000,002,582 | ---- | M] () MD5=797FC263D59784AD1498560C34FA7DA1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2012/04/04 13:53:56 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2012/04/04 13:54:02 | 000,002,634 | ---- | M] () MD5=912DD5C0C7C8D7572AD598414D56E24A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2012/04/04 13:53:56 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2012/04/04 13:54:08 | 000,002,638 | ---- | M] () MD5=C2C37202B0E55877A64ADDBDE738284E -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2012/04/04 13:54:04 | 000,002,589 | ---- | M] () MD5=C313AD3602D4965A1918E86B9F3E84CF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2012/04/04 13:54:10 | 000,002,609 | ---- | M] () MD5=C7FA88C21103C70826F274A0E865AEDF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2012/04/04 13:54:10 | 000,002,576 | ---- | M] () MD5=D27D52045EB6A2EE031F7D2EA0349BC3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2012/04/04 13:54:02 | 000,002,560 | ---- | M] () MD5=D5642B1BFE0A70231D14C11D3D3FD60D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2012/04/04 13:54:08 | 000,002,588 | ---- | M] () MD5=DB216743CDE75637621E2FD39431BBD4 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2012/04/04 13:53:58 | 000,002,620 | ---- | M] () MD5=DCF7A8843832327386B81ABD189AC236 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2012/04/04 13:54:04 | 000,002,997 | ---- | M] () MD5=DD3F4DAF426555D8D85FF4D7C5A04F37 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/16 10:02:32 | 000,000,228 | R--- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx
[2012/04/04 13:54:02 | 000,002,599 | ---- | M] () MD5=F09D769A94767C3C7E7015A5C6C99A39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2012/04/04 13:53:58 | 000,002,628 | ---- | M] () MD5=F844D742DB53C7D671BF7ED6517414D1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2012/04/04 13:53:58 | 000,002,582 | ---- | M] () MD5=FED4BDA3B6A9EB9DB59C254D8C987495 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx

< MD5 for: SERVICES.ASFX1 >
[2010/11/16 10:02:32 | 000,000,228 | R--- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx1

< MD5 for: SERVICES.ASFX10 >
[2010/11/16 10:02:34 | 000,000,233 | R--- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx10

< MD5 for: SERVICES.ASFX11 >
[2010/11/16 10:02:26 | 000,000,227 | R--- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx11

< MD5 for: SERVICES.ASFX12 >
[2010/11/16 10:02:30 | 000,000,225 | R--- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx12

< MD5 for: SERVICES.ASFX13 >
[2010/11/16 10:02:30 | 000,000,228 | R--- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx13

< MD5 for: SERVICES.ASFX14 >
[2010/11/16 10:02:26 | 000,000,228 | R--- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx14

< MD5 for: SERVICES.ASFX15 >
[2010/11/16 10:02:26 | 000,000,231 | R--- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx15

< MD5 for: SERVICES.ASFX16 >
[2010/11/16 10:02:34 | 000,000,232 | R--- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx16

< MD5 for: SERVICES.ASFX17 >
[2010/11/16 10:02:34 | 000,000,230 | R--- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx17

< MD5 for: SERVICES.ASFX18 >
[2010/11/16 10:02:24 | 000,000,230 | R--- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx18

< MD5 for: SERVICES.ASFX19 >
[2010/11/16 10:02:26 | 000,000,225 | R--- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx19

< MD5 for: SERVICES.ASFX2 >
[2010/11/16 10:02:36 | 000,000,264 | R--- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx2

< MD5 for: SERVICES.ASFX20 >
[2010/11/16 10:02:38 | 000,000,231 | R--- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx20

< MD5 for: SERVICES.ASFX21 >
[2010/11/16 10:02:26 | 000,000,231 | R--- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx21

< MD5 for: SERVICES.ASFX22 >
[2010/11/16 10:02:24 | 000,000,231 | R--- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx22

< MD5 for: SERVICES.ASFX23 >
[2010/11/16 10:02:26 | 000,000,225 | R--- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx23

< MD5 for: SERVICES.ASFX24 >
[2010/11/16 10:02:32 | 000,000,229 | R--- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx24

< MD5 for: SERVICES.ASFX25 >
[2010/11/16 10:02:36 | 000,000,232 | R--- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx25

< MD5 for: SERVICES.ASFX3 >
[2010/11/16 10:02:34 | 000,000,229 | R--- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx3

< MD5 for: SERVICES.ASFX4 >
[2010/11/16 10:02:26 | 000,000,226 | R--- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx4

< MD5 for: SERVICES.ASFX5 >
[2010/11/16 10:02:34 | 000,000,233 | R--- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx5

< MD5 for: SERVICES.ASFX6 >
[2010/11/16 10:02:36 | 000,000,231 | R--- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx6

< MD5 for: SERVICES.ASFX7 >
[2010/11/16 10:02:34 | 000,000,245 | R--- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx7

< MD5 for: SERVICES.ASFX8 >
[2010/11/16 10:02:34 | 000,000,231 | R--- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx8

< MD5 for: SERVICES.ASFX9 >
[2010/11/16 10:02:30 | 000,000,234 | R--- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx9

< MD5 for: SERVICES.CFG >
[2012/04/04 13:53:54 | 000,585,987 | ---- | M] () MD5=7BAB089A4F862C6BC86E0201D5BF1779 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2010/11/16 10:02:22 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/14 09:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 09:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/14 10:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/14 10:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/14 12:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 12:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/11 04:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/11 04:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/14 10:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/11 04:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/14 10:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\SysWOW64\en-US\services.msc
[2009/06/11 05:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\SysWOW64\services.msc
[2009/07/14 10:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/11 04:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/14 10:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/11 05:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PNG >
[2010/07/31 07:36:38 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files\Dell Support Center\Images\icons\png\24_24\services.png

< MD5 for: SERVICES.PTXML >
[2009/07/14 04:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/14 04:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.TICO >
[2009/09/25 14:00:00 | 000,002,038 | ---- | M] () MD5=D669B1B2EBE288A61680C3C863828D28 -- C:\Program Files (x86)\TuneUp Utilities 2012\data\services.tico

< MD5 for: SVCHOST.EXE >
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\WINDOWS\SysWOW64\svchost.exe
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 09:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 09:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\WINDOWS\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 20:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\WINDOWS\SysWOW64\userinit.exe
[2010/11/20 20:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 09:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 09:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\WINDOWS\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 21:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 21:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 21:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 21:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 09:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/12/10 09:16:35 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/12/10 09:16:35 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >

========== Files - Unicode (All) ==========
[2012/01/20 15:00:10 | 000,000,000 | ---- | M] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&
[2012/01/20 15:00:10 | 000,000,000 | ---- | C] ()(C:\Users\Lelouch\AppData\Roaming\??????&) -- C:\Users\Lelouch\AppData\Roaming\ㇲ皥࿇ᘁ颰̺&

< End of report >


Extras.txt



OTL Extras logfile created on: 7/13/2012 9:42:43 AM - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Lelouch\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

3.91 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 32.00% Memory free
7.82 Gb Paging File | 4.81 Gb Available in Paging File | 61.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 41.38 Gb Free Space | 9.18% Space Free | Partition Type: NTFS

Computer Name: LELOUCH-PC | User Name: Lelouch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3718333D-61F5-498A-9632-BAD3E5BCE333}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{9ABE76C7-327F-4062-9548-2CFE53D37C0C}" = rport=42488 | protocol=6 | dir=out | app=%programfiles% (x86)\utorrent\utorrent.exe |
"{A9A5437C-0CA5-4C81-A27E-02D056622F63}" = lport=42488 | protocol=17 | dir=in | app=%programfiles% (x86)\utorrent\utorrent.exe |
"{B09E41C7-C027-4FD5-A99C-C637A327E506}" = rport=42488 | protocol=17 | dir=out | app=%programfiles% (x86)\utorrent\utorrent.exe |
"{D0013005-2B26-456C-BDD3-61712B86ED4E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EE11C411-1F88-46D7-A809-4A055EA3726D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F916F6EB-ACBF-4D03-A570-B06DE5618319}" = lport=42488 | protocol=6 | dir=in | app=%programfiles% (x86)\utorrent\utorrent.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1F5BF992-4E59-4D7F-80AD-3D1D74ED9755}" = protocol=6 | dir=in | app=c:\program files (x86)\iahgames\counter-strike online\bin\nmservice.exe |
"{26C24920-3F40-4432-9D75-9FF4B693E8B9}" = protocol=17 | dir=in | app=%programfiles% (x86)\utorrent\utorrent.exe |
"{29F1E75C-4435-4CF6-A24E-D7EF112F9BD2}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx9.exe |
"{30728211-F5B7-47B7-818E-41589C32BF7D}" = protocol=17 | dir=in | app=c:\program files (x86)\iahgames\counter-strike online\bin\cstrike-online.exe |
"{39C4315F-3845-4326-817C-8B273B10BBB4}" = dir=out | app=%programfiles% (x86)\utorrent\utorrent.exe |
"{3D2E2315-2BA3-461A-8A4C-57ECB2E2005C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{44D658AB-F10F-4EE1-9E8F-D5D2F180D75B}" = protocol=6 | dir=in | app=%programfiles% (x86)\utorrent\utorrent.exe |
"{4864B158-6EFA-4AE5-BD16-FB76E1CD5734}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{514F501B-EB16-4437-B1D8-A5DC37F8ACEC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5393AA95-AE3C-40D8-9360-DFE0CA41208E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{53A27C85-F8E7-4478-AA9C-2C182B9C4AA2}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx10.exe |
"{6A12741C-3659-41E7-BAD9-7429A1F81A29}" = protocol=17 | dir=in | app=c:\program files (x86)\iahgames\counter-strike online\bin\nmservice.exe |
"{700824C0-3CD4-4776-BCBF-2BCCCBDE0F23}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{719234F2-3E96-4028-A4BE-E9E238DCF6C4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{719FFB1D-4410-4D90-9B23-7EEFA096CBAB}" = protocol=6 | dir=in | app=c:\program files (x86)\iahgames\counter-strike online\bin\nmservice.exe |
"{76EA14E7-50EE-471E-9ADB-454C0C08F711}" = protocol=6 | dir=in | app=c:\program files (x86)\iahgames\counter-strike online\bin\cstrike-online.exe |
"{78AB21E0-8526-43EB-B1E1-8D0B41513C74}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{86501303-1E26-47B9-911F-B4C54C33FC5D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8BDB1238-EC4F-4F82-93EE-AD4BB40A4E3A}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{8E822567-E717-4818-B115-BB29EE69443D}" = protocol=17 | dir=in | app=c:\program files (x86)\iahgames\counter-strike online\bin\cstrike-online.exe |
"{93D77063-F96B-4E7E-A4C5-0E681D72D7EC}" = protocol=6 | dir=in | app=c:\program files (x86)\iahgames\counter-strike online\bin\cstrike-online.exe |
"{95469F14-72DB-4C64-8E7C-CA62E6C90331}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{991A55B1-7488-48F6-9406-A9469B50D320}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{A7C445D4-4EBA-402C-AF9B-5EBC03779206}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{BE9DDF19-AD6A-4B90-9D01-2E4FDA17D580}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{C4C82B05-1088-4BC2-97E4-4E1EFBA6152E}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx9.exe |
"{C5166AEC-6C84-449D-A2AD-61054742387B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CB9E8E6E-AFB3-481E-A353-9C7C370843B1}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CB9F2D4F-A286-41E6-8B24-D64FB8DD2216}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CC3D9C57-21EE-4E81-AB86-3EAD90075F5E}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{D749FBDC-53DD-43E5-A3EE-219B279F5591}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{E1F2D68C-1779-45E1-84F2-734868BE01D0}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EBAD05EC-C40D-49C8-82DA-8662CD8015BC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EF6226AC-A85E-4525-A045-764D5C27B662}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F2505684-439B-40A9-B135-28C832D6FD7C}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx10.exe |
"{F4E5FEB5-582B-460D-9D33-8A468BBA845B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{F601BF6C-3DF8-4120-A2E4-0429C2539C15}" = protocol=17 | dir=in | app=c:\program files (x86)\iahgames\counter-strike online\bin\nmservice.exe |
"{F82C0610-1602-466E-BB43-96A163AE971E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FD2D2AD1-D89B-4B85-A311-C6247917DF4F}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java™ 6 Update 30 (64-bit)
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel® PROSet/Wireless WiFi Software
"{2C5BEF49-4219-4751-9106-39604462939D}" = Face Recognition
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{B904D0AE-C4D8-4808-AEB9-FAFCC9F6EB1B}_is1" = IAHGames Player 2.03.2331
"{C24247AC-948C-4DA4-8533-213A0E284346}" = ProxyCap
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Allway Sync_is1" = Allway Sync version 11.7.0
"BUFFALO BFRD4G" = BUFFALO RAMDISK ユーティリティ
"CCleaner" = CCleaner
"Dell Support Center" = Dell Support Center
"GIMP-2_is1" = GIMP 2.8.0
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.7.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"Unlocker" = Unlocker 1.9.1-x64

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{07E900C8-D1E3-4C24-AC9F-7FE3C1AE19A2}_is1" = Mal Updater 2.80
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{140347A0-4A0C-44FC-9CA1-C8A3471899B7}" = SdRt4200
"{148D9D03-5D23-4D4F-B5D0-BA6030C45DCF}" = Adobe Flash Player 10 ActiveX
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19B5CAAF-3E36-40F4-83F2-45E0D258000C}" = 神採りアルケミーマイスター Append02
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39D06E77-8921-4056-8901-36D0035BAECA}" = Dell Stage
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{41810510-3CE0-425B-BE07-B9793731737F}" = 神採りアルケミーマイスター
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89263C19-557E-4D23-AAD7-113F6175DFC1}" = Dell MusicStage
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{AD9E5D61-0EBB-4472-8DA9-359560FB6988}}_is1" = グリーフシンドローム
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7B5C8A0-CE3F-4645-A0B6-B5515794076D}" = 神採りアルケミーマイスター Ver2.00 Update
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic VX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F73498A2-499B-4423-986E-90F99348609F}" = STEINS;GATE
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel® Wireless Display
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"AC3Filter_is1" = AC3Filter 1.63b
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Age of Empires III - The Asian Dynasties_is1" = Age of Empires III - The Asian Dynasties
"Astroburn Lite" = Astroburn Lite
"avast" = avast! Free Antivirus
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"Condition Zero" = Condition Zero
"Counter-Strike Online" = Counter-Strike Online Game Client
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.0 Shizuku Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"DCoder Image Source" = DCoder Image Source (remove only)
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fallout New Vegas_is1" = Fallout New Vegas
"FateZero Windows 7 THEME_is1" = FateZero Windows 7 THEME 1.00
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"FLAC" = FLAC 1.2.1b (remove only)
"foobar2000" = foobar2000 v1.1.10
"Fortune Arterial by weidao WINDOWS 7 THEME_is1" = Fortune Arterial by weidao 7 THEME 1.00
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"GIF Viewer" = GIF Viewer 3.3
"Granado Espada_is1" = Granado Espada
"G-Senjou_no_Maou_Aegis" = G-Senjou no Maou English
"haruhi_folder" = haruhi.themepack
"InstallShield_{19B5CAAF-3E36-40F4-83F2-45E0D258000C}" = 神採りアルケミーマイスター Append02
"InstallShield_{41810510-3CE0-425B-BE07-B9793731737F}" = 神採りアルケミーマイスター
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{C7B5C8A0-CE3F-4645-A0B6-B5515794076D}" = 神採りアルケミーマイスター Ver2.00 Update
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"InstallShield_{EFE563B0-DDDB-45AF-B49A-C109C93E5F35}" = 神採りアルケミーマイスター Append01
"Internet Download Manager" = Internet Download Manager
"iWisoft Free Video Converter_is1" = iWisoft Free Video Converter 1.2
"Katawa Shoujo" = Katawa Shoujo
"Katawa Shoujo Act 1" = Katawa Shoujo Act 1
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.8.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"MMメサラ・by weidao WINDOWS 7 THEME_is1" = MM by weidao 7 THEME 1.00
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.50
"MSC" = McAfee SecurityCenter
"Muv-Luv DVD Ver." = Muv-Luv DVD Ver. 1.0
"NSIS_oald8" = Oxford Advanced Learner's Dictionary - 8th Edition
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"Opera 11.61.1250" = Opera 11.61
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PFConfig" = PFConfig 1.0.296
"PunkBusterSvc" = PunkBuster Services
"Quick ShutDown" = Quick ShutDown
"Rainmeter" = Rainmeter
"RealMedia" = RealMedia (remove only)
"SERNハッキング・スクリーンセーバ" = SERNハッキング・スクリーンセーバ
"SystemRequirementsLab" = System Requirements Lab
"the-world-god-only-knows_folder" = the-world-god-only-knows.themepack
"TimeComX" = TimeComX Basic (64 Bit)
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"UN091111" = BUFFALO TurboPC for FLASH/HDD
"UN091114" = BUFFALO TurboCopy
"UN091201" = BUFFALO BuffaloTools ランチャー
"UN091222" = BUFFALO Backup Utility
"Unity" = Unity
"uTorrent" = µTorrent
"Video Screensaver" = Video Screensaver 1.0
"VLC media player" = VLC media player 1.1.10
"WideCap_is1" = WideCap 1.5
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"Xuse 永遠のアセリア - この大地の果てで -" = Xuse 永遠のアセリア - この大地の果てで - (Remove Only)
"ZoomPlayer" = Zoom Player (remove only)
"シワマヌソユヨョヌナ(hoshikaka) Windows 7 THEME_is1" = シワマヌソユヨョヌナ(hoshikaka) Windows 7 THEME 1.00
"ダイバージェンス・メーター スクリーンセーバー" = ダイバージェンス・メーター スクリーンセーバー
"ツカオルオトヘ貔゚ BY エソメ﨔カオタ WINDOWS 7 THEME_is1" = ツカオルオトヘ貔゚ BY エソメ﨔カオタ WINDOWS 7 THEME 1.00
"トァキィノルナョヤイマ・MADOKA MAGICA) WINDOWS 7 THEME_is1" = トァキィノルナョヤイマ・MADOKA MAGICA) WINDOWS 7 THEME 1.00
"ノ「サェタヨ(Sankarea) WINDOWS 7 THEME_is1" = ノ「サェタヨ(Sankarea) WINDOWS 7 THEME 1.00
"ヒロインカーニバル" = ヒロインカーニバル
"ボマ゙ヒケフリタュヘミヒケ(Infinite Stratos) WINDOWS 7 THEME_is1" = ボマ゙ヒケフリタュヘミヒケ(Infinite Stratos) WINDOWS 7 THEME 1.00
"美少女万華鏡-1-" = 美少女万華鏡-1-
"邉オッオトムヌタヌ(Aria The Scarlet Ammo) Windows 7 THEME_is1" = 邉オッオトムヌタヌ(Aria The Scarlet Ammo) Windows 7 THEME 1.00
"ールサィ釀ツメ SAMURAI GIRLS WINDOWS 7 THEME_is1" = ールサィ釀ツメ SAMURAI GIRLS WINDOWS 7 THEME 1.00

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/18/2012 3:07:21 AM | Computer Name = Lelouch-PC | Source = ESENT | ID = 455
Description = Windows (5476) Windows: Error -1811 occurred while opening logfile
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00270.log.

Error - 5/18/2012 3:07:21 AM | Computer Name = Lelouch-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 5/18/2012 3:07:21 AM | Computer Name = Lelouch-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 5/18/2012 3:07:21 AM | Computer Name = Lelouch-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 5/18/2012 3:07:21 AM | Computer Name = Lelouch-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 5/18/2012 3:07:21 AM | Computer Name = Lelouch-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 5/18/2012 3:07:22 AM | Computer Name = Lelouch-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 5/18/2012 3:07:22 AM | Computer Name = Lelouch-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 5/18/2012 3:07:22 AM | Computer Name = Lelouch-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 5/18/2012 3:07:22 AM | Computer Name = Lelouch-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 5/18/2012 9:48:15 AM | Computer Name = Lelouch-PC | Source = Application Error | ID = 1000
Description = Faulting application name: cstrike-online.exe, version: 1.1.1.1, time
stamp: 0x4f9655c5 Faulting module name: nmconew.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4cb31dbc Exception code: 0xc0000005 Fault offset: 0x0be6f139 Faulting
process id: 0x1728 Faulting application start time: 0x01cd34f16dd76e9d Faulting application
path: C:\Program Files (x86)\IAHGames\Counter-Strike Online\Bin\cstrike-online.exe
Faulting
module path: nmconew.dll Report Id: 1d3d6cb9-a0f0-11e1-8b0d-bc77372f502f

[ Dell Events ]
Error - 4/20/2012 8:28:36 PM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/20/2012 8:28:36 PM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/22/2012 10:47:00 PM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/22/2012 10:47:00 PM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/22/2012 10:47:31 PM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/22/2012 10:47:31 PM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/22/2012 10:47:53 PM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/22/2012 10:47:53 PM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/23/2012 6:48:36 AM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/23/2012 6:48:36 AM | Computer Name = Lelouch-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ Media Center Events ]
Error - 9/28/2011 5:23:36 AM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 5:23:31 PM - Error connecting to the internet. 5:23:31 PM - Unable
to contact server..

Error - 9/28/2011 6:37:06 AM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 6:37:06 PM - Error connecting to the internet. 6:37:06 PM - Unable
to contact server..

Error - 9/28/2011 6:37:15 AM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 6:37:11 PM - Error connecting to the internet. 6:37:11 PM - Unable
to contact server..

Error - 9/28/2011 7:37:26 AM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 7:37:26 PM - Error connecting to the internet. 7:37:26 PM - Unable
to contact server..

Error - 9/28/2011 7:37:35 AM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 7:37:31 PM - Error connecting to the internet. 7:37:31 PM - Unable
to contact server..

Error - 9/28/2011 8:41:23 AM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 8:41:22 PM - Error connecting to the internet. 8:41:23 PM - Unable
to contact server..

Error - 9/28/2011 8:41:32 AM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 8:41:28 PM - Error connecting to the internet. 8:41:28 PM - Unable
to contact server..

Error - 9/29/2011 12:25:24 AM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 12:25:24 PM - Error connecting to the internet. 12:25:24 PM - Unable
to contact server..

Error - 9/29/2011 12:25:33 AM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 12:25:29 PM - Error connecting to the internet. 12:25:29 PM - Unable
to contact server..

Error - 9/30/2011 10:29:19 PM | Computer Name = Lelouch-PC | Source = MCUpdate | ID = 0
Description = 10:29:14 AM - Error connecting to the internet. 10:29:14 AM - Unable
to contact server..

[ System Events ]
Error - 7/12/2012 6:51:10 PM | Computer Name = Lelouch-PC | Source = DCOM | ID = 10010
Description =

Error - 7/12/2012 6:54:36 PM | Computer Name = Lelouch-PC | Source = Service Control Manager | ID = 7000
Description = The STEC3 service failed to start due to the following error: %%2

Error - 7/12/2012 6:54:58 PM | Computer Name = Lelouch-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 7/12/2012 6:55:54 PM | Computer Name = Lelouch-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 7/12/2012 7:01:38 PM | Computer Name = Lelouch-PC | Source = DCOM | ID = 10010
Description =

Error - 7/12/2012 7:15:15 PM | Computer Name = Lelouch-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 7/12/2012 8:42:04 PM | Computer Name = Lelouch-PC | Source = Service Control Manager | ID = 7000
Description = The STEC3 service failed to start due to the following error: %%2

Error - 7/12/2012 8:42:17 PM | Computer Name = Lelouch-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 7/12/2012 8:42:54 PM | Computer Name = Lelouch-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 7/12/2012 8:49:09 PM | Computer Name = Lelouch-PC | Source = DCOM | ID = 10010
Description =

[ TuneUp Events ]
Error - 7/11/2012 8:36:35 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/11/2012 9:19:54 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/11/2012 9:23:48 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/11/2012 9:51:33 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/11/2012 10:53:08 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/11/2012 10:53:08 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/12/2012 6:53:36 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/12/2012 7:54:44 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/12/2012 7:54:44 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/12/2012 9:42:08 PM | Computer Name = Lelouch-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >
  • 0

#6
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

I noticed that you have two anti-virus programs running ( McAfee & Avast Anti-Virus). I strongly recommend that you have only one antivirus product installed and running on your computer at a time. I would recommend you uninstall McAfee and keep Avast.

Multiple installed antivirus products can lead to a clash as products fight for access to files which are being opened since they need to be checked for viruses. In general terms, the programs may conflict and cause:
False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
System Performance Problems: Your system may lock up due to multiple products attempting to access the same file at the same time.

After uninstalling McAfee download this tool to your desktop. Run it by right clicking on it and select run as administrator and follow the prompts including rebooting when it asks you to do so.


Step 2.

P2P Warning!:

IMPORTANT I have noticed that there are signs of uTorrent P2P (Peer to Peer) File Sharing Programs on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent , however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep them, please do not use either of them until your computer is cleaned.


Step 3.

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop * IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Double click on ComboFix.exe & follow the prompts.
Accept the disclaimer and allow to update if it asks

Posted Image

Posted Image

When finished, it produces a log for you.
Please include the C:\ComboFix.txt in your next reply.



Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

After the run you may have internet problems or access to something problems. Simply reboot the computer.


Step 4.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • Get the report by selecting Reports

    Posted Image

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 5.

Please post:
ComboFix.txt
TDSSKiller log


Please give me an update on how your computer is running now
  • 0

#7
finn the human

finn the human

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I'm aware that installing two antivirus will result false positive. I don't that McAfee Removal Tools in needed to uninstall it. After the Combofix scan, it reboot my computer. After Combofix produced the log, I can't open any files or program and I reboot my computer. When I ran TDSSkiller, no malicious objects were found and I don't reboot my computer.


ComboFix.txt


ComboFix 12-07-13.01 - Lelouch 7/2012 Fri 14:53:29.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.4003.2050 [GMT 8:00]
Running from: c:\users\Lelouch\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\STEC3.sys
c:\windows\SysWow64\wpcap.dll
c:\windows\ダイバージェンス・メーター スクリーンセーバー.scr
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_STEC3
.
.
((((((((((((((((((((((((( Files Created from 2012-06-13 to 2012-07-13 )))))))))))))))))))))))))))))))
.
.
2012-07-13 00:46 . 2012-07-13 00:46 -------- d-----w- C:\_OTL
2012-07-12 01:23 . 2012-07-12 01:23 -------- d-----w- c:\windows\ACGDIYBAK
2012-07-11 22:01 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 21:43 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-07-11 21:43 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-07-11 21:43 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-07-11 21:43 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-07-11 21:38 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-07-11 14:34 . 2012-07-11 14:34 -------- d-----w- c:\windows\system32\SPReview
2012-07-11 14:33 . 2012-07-11 14:33 -------- d-----w- c:\windows\system32\EventProviders
2012-07-11 06:37 . 2012-07-03 16:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-11 06:37 . 2012-07-03 16:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-11 06:37 . 2012-07-03 16:21 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-11 06:37 . 2012-07-03 16:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-11 06:37 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-11 06:37 . 2012-07-03 16:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-11 06:37 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-11 06:36 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-07-11 06:36 . 2012-07-03 16:21 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-11 06:36 . 2012-07-11 06:36 -------- d-----w- c:\programdata\AVAST Software
2012-07-11 06:36 . 2012-07-11 06:36 -------- d-----w- c:\program files\AVAST Software
2012-07-11 06:34 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 06:34 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 06:34 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 06:34 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-11 06:33 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 06:33 . 2012-06-02 05:48 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 06:33 . 2012-06-02 04:40 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-07-11 06:33 . 2012-07-11 06:33 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-07-11 06:33 . 2012-07-11 06:33 -------- d-----w- c:\program files (x86)\Java
2012-07-11 04:41 . 2012-07-11 18:32 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-11 01:24 . 2012-07-11 01:24 -------- d-----w- c:\programdata\Kaspersky Lab
2012-06-24 11:49 . 2012-06-24 11:49 -------- d-----w- C:\TEATIME
2012-06-24 00:39 . 2012-06-24 00:39 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-06-19 02:17 . 2012-06-19 02:17 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-19 02:17 . 2012-06-19 02:17 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-19 02:06 . 2012-05-25 09:09 29312 ----a-w- c:\program files (x86)\Mozilla Firefox\ScriptFF.dll
2012-06-18 22:53 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-18 22:53 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-18 22:53 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-18 22:53 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-18 22:53 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-18 22:53 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-18 22:53 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-18 22:53 . 2012-06-02 07:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-18 22:53 . 2012-06-02 07:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 14:45 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-11 14:45 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-07-11 06:33 . 2011-07-14 12:12 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-03 05:46 . 2011-08-25 04:11 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-20 06:26 . 2011-10-29 02:08 111928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-05-19 23:19 . 2012-05-19 23:19 0 ----a-w- c:\windows\SysWow64\shoA08E.tmp
2012-05-18 02:10 . 2012-05-02 22:33 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-18 02:10 . 2011-08-17 03:03 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-12-10 . C8983CE02F9009C5AC831F53C06E287C . 2870272 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[7] 2010-12-10 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\ACGDIYBAK\explorer.exe
[7] 2010-12-10 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\ACGDIYBAK\201271292328\explorer.exe
[7] 2010-12-10 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\Resources\Themes\Aria The Scarlet Ammo-by Natsukyo\ShellChange\explorer.exe
[7] 2010-12-10 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[7] 2010-12-10 . B8EC4BD49CE8F6FC457721BFC210B67F . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[7] 2010-12-10 . 6D4F9E4B640B413C6F73414327484C80 . 2868736 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[7] 2010-12-10 . CA17F8620815267DC838E30B68CB5052 . 2868736 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[7] 2010-12-10 . F170B4A061C9E026437B193B4D571799 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[7] 2010-12-10 . 700073016DAC1C3D2E7E2CE4223334B6 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[7] 2010-11-20 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[7] 2009-07-14 . C235A51CB740E45FFA0EBFB9BAFCDA64 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"Dell Registration"="c:\program files (x86)\System Registration\prodreg.exe" [2010-08-23 3926528]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2010-11-02 93832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-11 163040]
.
c:\users\Lelouch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Quick ShutDown.lnk - c:\program files (x86)\Quick ShutDown\qsd.exe [2003-2-18 294400]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-8-21 102912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2010-11-02 03:40 147080 ----a-w- c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"ContentTransferWMDetector.exe"=c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"BuffaloTools"=c:\program files (x86)\BUFFALO\BuffaloTools\BuffaloTools.exe
"FATrayAlert"=c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" /runkey
"FAStartup"=
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 bftpusbx64;BUFFALO TurboPC USB Filter;c:\windows\system32\drivers\bftpusbx64.sys [2010-10-21 20608]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-19 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-07-07 174184]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-07-30 25072]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-30 250984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 vproiah;vproiah;c:\windows\system32\DRIVERS\vproiah.sys [2011-08-03 27848]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-02 1255736]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
R4 pcapsvc;ProxyCap Service;c:\program files\Proxy Labs\ProxyCap\pcapsvc.exe [2011-08-13 1844224]
R4 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 BFRD4G;BUFFALO RAM Disk Driver;c:\windows\system32\DRIVERS\BFRD4G.sys [2010-03-10 47232]
S0 bftpdskc64;BUFFALO TurboPC Cache Filter;c:\windows\system32\drivers\bftpdskc64.sys [2011-07-13 72016]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-10-15 28992]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 c2scsi64;c2scsi64;c:\windows\system32\DRIVERS\c2scsi64.sys [2010-11-22 167920]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-03 283200]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2011-10-15 249152]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-02 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 BFBackupUtilityService;Backup Utility Service;c:\program files (x86)\BUFFALO\Backup_Utility\BUService.exe [2010-08-20 320888]
S2 BFBackupUtilityVSSService;Backup Utility VSS Service;c:\program files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe [2010-04-28 359288]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2010-01-11 155648]
S2 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-11-02 2428552]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-07-06 145008]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UCManSvc;UCManSvc;c:\program files (x86)\SoftDenchi\UCManSvc.exe [2010-03-12 241808]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-12 24168]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-07-12 30568]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-11-04 58128]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2010-10-19 274432]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2010-11-04 59904]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3405665497-2748038552-3055002692-1001Core.job
- c:\users\Lelouch\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-14 13:04]
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3405665497-2748038552-3055002692-1001UA.job
- c:\users\Lelouch\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-14 13:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 22408 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-20 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-20 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-20 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-21 525312]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-12-08 592240]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-21 3666800]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-10-15 539456]
"combofix"="c:\combofix\CF20670.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://inm.startya.com/?cfg=2-575-0-0&engine_id=3&provider_id=3&product_id=575&country=MY
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
LSP: pcapwsp.dll
LSP: c:\program files (x86)\WideCap\widecapdrv.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Lelouch\AppData\Roaming\Mozilla\Firefox\Profiles\hhq0uue9.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-FAStartup - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\Installation]
"bInstalled"=dword:00000001
"strObjectOcean"="c:\\age\\マブラヴ11\\マブラヴ11.rio"
"strAbsolutePath"="c:\\age\\マブラヴ11\\"
"strInstallSourcePath"="e:\\"
"strInstallTypeSelect"="1"
"strInstallSystemType"=""
"strTTFileName"="マブラヴ11.rbt"
"strIciPath"="c:\\age\\マブラヴ11\\マブラヴ11.rio.ici"
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\InstallFont]
"MS Pゴシック%#24%$-B%$-A"="マブラヴ11.rio\\MS Pゴシック24BA.5RF"
"MS Pゴシック%#16%$-B"="マブラヴ11.rio\\MS Pゴシック16B.5RF"
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\PeculiarToTheApp]
"strTheAppName"="マブラヴ1.1"
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rUGPBasic]
"strRugpPluginFolder"="c:\\age\\マブラヴ11\\Plugins"
"nRugpVersion"=dword:0000157c
"bIsIllegalTerminateCheck"=dword:00000001
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rvmmBoxSettings]
"nWndBaseColor1"=dword:002020a0
"nWndBaseColor2"=dword:00c0c0ff
"nWndBaseGradation"=dword:00000001
"nWndBaseRatioSrc"=dword:000000c0
"nWndBaseRatioDst"=dword:00000006
"nWndFrameLevel"=dword:00000003
"nFontBlank"=dword:00000002
"nMainFontColor"=dword:ffffffff
"nSelectedFontColor"=dword:ff8090c0
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rvmmInstallation]
"strVirtuaRegistryAbsolutePath"="c:\\age\\マブラヴ11\\Vmreg\\"
"strFontCachePath"="c:\\age\\マブラヴ11\\"
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rvmmPeculiarToTheApp]
"strStandardFont"="MS Pゴシック%#24%$-B%$-A"
"strLowSpecFont"="MS Pゴシック%#16%$-B"
"bCanSettingWindow"=dword:00000001
"bCanSettingFont"=dword:00000001
"bCanSettingSound"=dword:00000001
"bPageOverNext"=dword:00000000
"bUucAccessMasterKey"=dword:00000001
"bFullScreenMenuOff"=dword:00000000
"bWindowMenuAccessMasterKey"=dword:00000001
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1000\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rvmmUISettings]
"bFullScreen"=dword:00000001
"strCurrentMonitorDevice"=""
"dwCurrentMonitorFlag"=dword:00000000
"nWindowSize"=dword:00000003
"nFaceWindowSize"=dword:00000003
"isBgm"=dword:00000001
"isEffect"=dword:00000001
"nVoiceLevel"=dword:00000001
"nLayeredEffect"=dword:00000001
"nSeenMsgSkip"=dword:00000001
"nAutoMsgSkip"=dword:00000000
"bMouseTrace"=dword:00000001
"nTextSpeed"=dword:0000003c
"dwMainFontStyle"=dword:00000005
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\relic UGP Applications\age\゙0ヨ0・・1*1*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\Installation]
"bInstalled"=dword:00000001
"strAbsolutePath"="c:\\age\\マブラヴ11\\"
"strIciPath"="c:\\age\\マブラヴ11\\マブラヴ11.rio.ici"
"strInstallSourcePath"="e:\\"
"strInstallSystemType"=""
"strInstallTypeSelect"="1"
"strObjectOcean"="c:\\age\\マブラヴ11\\マブラヴ11.rio"
"strTTFileName"="マブラヴ11.rbt"
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\InstallFont]
"MS Pゴシック%#16%$-B"="マブラヴ11.rio\\MS Pゴシック16B.5RF"
"MS Pゴシック%#24%$-B%$-A"="マブラヴ11.rio\\MS Pゴシック24BA.5RF"
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\PeculiarToTheApp]
"strTheAppName"="マブラヴ1.1"
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rUGPBasic]
"nRugpVersion"=dword:0000157c
"strRugpPluginFolder"="c:\\age\\マブラヴ11\\Plugins"
"bIsIllegalTerminateCheck"=dword:00000000
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rvmmBoxSettings]
"nFontBlank"=dword:00000002
"nMainFontColor"=dword:ffffffff
"nSelectedFontColor"=dword:ff8090c0
"nWndBaseColor1"=dword:002020a0
"nWndBaseColor2"=dword:00c0c0ff
"nWndBaseGradation"=dword:00000001
"nWndBaseRatioDst"=dword:00000006
"nWndBaseRatioSrc"=dword:000000c0
"nWndFrameLevel"=dword:00000003
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rvmmInstallation]
"strFontCachePath"="c:\\age\\マブラヴ11\\"
"strVirtuaRegistryAbsolutePath"="c:\\age\\マブラヴ11\\Vmreg\\"
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rvmmPeculiarToTheApp]
"bCanSettingFont"=dword:00000001
"bCanSettingSound"=dword:00000001
"bCanSettingWindow"=dword:00000001
"bFullScreenMenuOff"=dword:00000000
"bPageOverNext"=dword:00000000
"bUucAccessMasterKey"=dword:00000001
"bWindowMenuAccessMasterKey"=dword:00000001
"strLowSpecFont"="MS Pゴシック%#16%$-B"
"strStandardFont"="MS Pゴシック%#24%$-B%$-A"
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\relic UGP Applications\age\゙0ヨ0・・1*1*\rvmmUISettings]
"dwMainFontStyle"=dword:0000000c
"nTextSpeed"=dword:00000030
"bFullScreen"=dword:00000000
"strCurrentMonitorDevice"="\\\\.\\DISPLAY1"
"dwCurrentMonitorFlag"=dword:00000001
"nWindowSize"=dword:00000003
"nFaceWindowSize"=dword:00000003
"isBgm"=dword:00000001
"isEffect"=dword:00000001
"nVoiceLevel"=dword:00000001
"nLayeredEffect"=dword:00000001
"nSeenMsgSkip"=dword:00000001
"nAutoMsgSkip"=dword:00000000
"bMouseTrace"=dword:00000001
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\SecuROM\License information*]
"datasecu"=hex:a3,a2,28,cb,b7,56,0c,91,df,f7,62,f6,7c,55,20,60,62,ec,f4,f4,af,
05,2d,02,a7,47,c6,73,7a,6b,d6,c0,43,c9,c4,dc,29,48,60,d9,a7,61,39,d3,8f,c9,\
"rkeysecu"=hex:13,f6,1b,73,83,ba,cb,ab,48,69,0d,36,ec,ec,75,6e
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001\Software\「0ラ0・ア0・キ0・・ *ヲ0」0カ0・ノ0g0ubU0・_0・・ォ0・ *「0ラ0・ア0・キ0・・]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):0a,46,d0,8f,7c,bb,92,50,40,0e,9e,d7,89,42,5d,b8,0f,ce,73,1f,e5,
65,a5,9f,09,e4,34,0d,e6,50,d6,5e,88,26,a3,7d,1a,3b,d1,4d,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3405665497-2748038552-3055002692-1001_Classes\Wow6432Node\CLSID\{cc682e3c-597d-4b49-b240-e637373ec41c}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000022
"Therad"=dword:0000000f
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\タ0、0ミ0・ク0ァ0・ケ0・・・ソ0・ *ケ0ッ0・・・サ0・ミ0・]
"UninstallString"="c:\\WINDOWS\\Resources\\Screensaver\\ダイバージェンス・メーター スクリーンセーバーUninst.exe"
"DisplayName"="ダイバージェンス・メーター スクリーンセーバー"
"DisplayIcon"="c:\\WINDOWS\\Resources\\Screensaver\\ダイバージェンス・メーター スクリーンセーバーUninst.exe,0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-07-13 15:10:48 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-13 07:10
.
Pre-Run: 42,817,695,744 bytes free
Post-Run: 42,677,227,520 bytes free
.
- - End Of File - - 45C0BDE39EAD794AC6E49B13A24BBD7D




TDSSKiller log



15:18:27.0592 1296 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
15:18:28.0700 1296 ============================================================
15:18:28.0700 1296 Current date / time: 2012/07/13 15:18:28.0700
15:18:28.0700 1296 SystemInfo:
15:18:28.0700 1296
15:18:28.0700 1296 OS Version: 6.1.7601 ServicePack: 1.0
15:18:28.0700 1296 Product type: Workstation
15:18:28.0700 1296 ComputerName: LELOUCH-PC
15:18:28.0700 1296 UserName: Lelouch
15:18:28.0700 1296 Windows directory: C:\Windows
15:18:28.0700 1296 System windows directory: C:\Windows
15:18:28.0700 1296 Running under WOW64
15:18:28.0700 1296 Processor architecture: Intel x64
15:18:28.0700 1296 Number of processors: 8
15:18:28.0700 1296 Page size: 0x1000
15:18:28.0700 1296 Boot type: Normal boot
15:18:28.0700 1296 ============================================================
15:18:29.0199 1296 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:18:29.0308 1296 ============================================================
15:18:29.0308 1296 \Device\Harddisk0\DR0:
15:18:29.0308 1296 MBR partitions:
15:18:29.0308 1296 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
15:18:29.0308 1296 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
15:18:29.0308 1296 ============================================================
15:18:29.0355 1296 C: <-> \Device\Harddisk0\DR0\Partition1
15:18:29.0355 1296 ============================================================
15:18:29.0355 1296 Initialize success
15:18:29.0355 1296 ============================================================
15:18:57.0232 2720 ============================================================
15:18:57.0232 2720 Scan started
15:18:57.0232 2720 Mode: Manual; SigCheck; TDLFS;
15:18:57.0232 2720 ============================================================
15:18:57.0669 2720 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:18:57.0950 2720 1394ohci - ok
15:18:58.0059 2720 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:18:58.0090 2720 ACPI - ok
15:18:58.0168 2720 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:18:58.0262 2720 AcpiPmi - ok
15:18:58.0402 2720 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:18:58.0418 2720 AdobeARMservice - ok
15:18:58.0527 2720 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:18:58.0574 2720 adp94xx - ok
15:18:58.0652 2720 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:18:58.0683 2720 adpahci - ok
15:18:58.0761 2720 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:18:58.0792 2720 adpu320 - ok
15:18:58.0839 2720 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:18:58.0917 2720 AeLookupSvc - ok
15:18:59.0026 2720 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
15:18:59.0089 2720 AESTFilters - ok
15:18:59.0151 2720 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:18:59.0229 2720 AFD - ok
15:18:59.0291 2720 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:18:59.0323 2720 agp440 - ok
15:18:59.0416 2720 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:18:59.0463 2720 ALG - ok
15:18:59.0557 2720 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:18:59.0572 2720 aliide - ok
15:18:59.0588 2720 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:18:59.0603 2720 amdide - ok
15:18:59.0650 2720 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:18:59.0713 2720 AmdK8 - ok
15:18:59.0728 2720 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:18:59.0806 2720 AmdPPM - ok
15:18:59.0915 2720 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
15:18:59.0947 2720 amdsata - ok
15:18:59.0978 2720 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:18:59.0978 2720 amdsbs - ok
15:18:59.0993 2720 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
15:19:00.0025 2720 amdxata - ok
15:19:00.0118 2720 ApfiltrService (7380b9072ebc65a54da3074e14bf34b9) C:\Windows\system32\DRIVERS\Apfiltr.sys
15:19:00.0165 2720 ApfiltrService - ok
15:19:00.0243 2720 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:19:00.0321 2720 AppID - ok
15:19:00.0368 2720 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:19:00.0477 2720 AppIDSvc - ok
15:19:00.0524 2720 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:19:00.0649 2720 Appinfo - ok
15:19:00.0742 2720 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:19:00.0773 2720 arc - ok
15:19:00.0805 2720 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:19:00.0820 2720 arcsas - ok
15:19:00.0929 2720 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
15:19:00.0961 2720 aswFsBlk - ok
15:19:01.0023 2720 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
15:19:01.0054 2720 aswMonFlt - ok
15:19:01.0132 2720 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
15:19:01.0163 2720 aswRdr - ok
15:19:01.0273 2720 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
15:19:01.0304 2720 aswSnx - ok
15:19:01.0351 2720 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
15:19:01.0366 2720 aswSP - ok
15:19:01.0429 2720 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
15:19:01.0444 2720 aswTdi - ok
15:19:01.0491 2720 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:19:01.0585 2720 AsyncMac - ok
15:19:01.0647 2720 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:19:01.0663 2720 atapi - ok
15:19:01.0772 2720 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:19:01.0850 2720 AudioEndpointBuilder - ok
15:19:01.0865 2720 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:19:01.0897 2720 AudioSrv - ok
15:19:02.0006 2720 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:19:02.0021 2720 avast! Antivirus - ok
15:19:02.0115 2720 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:19:02.0193 2720 AxInstSV - ok
15:19:02.0255 2720 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:19:02.0333 2720 b06bdrv - ok
15:19:02.0365 2720 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:19:02.0427 2720 b57nd60a - ok
15:19:02.0505 2720 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:19:02.0567 2720 BDESVC - ok
15:19:02.0583 2720 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:19:02.0661 2720 Beep - ok
15:19:02.0770 2720 BFBackupUtilityService - ok
15:19:02.0770 2720 BFBackupUtilityVSSService - ok
15:19:02.0895 2720 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:19:02.0942 2720 BFE - ok
15:19:03.0067 2720 BFRD4G (3cc634f7bb138bf67bbca49ec8513f35) C:\Windows\system32\DRIVERS\BFRD4G.sys
15:19:03.0082 2720 BFRD4G - ok
15:19:03.0191 2720 bftpdskc64 (97f0bcc26f5364326f6410e88bf20142) C:\Windows\system32\drivers\bftpdskc64.sys
15:19:03.0223 2720 bftpdskc64 - ok
15:19:03.0285 2720 bftpusbx64 (2ee89b72a054d30363bc79a8b9401750) C:\Windows\system32\drivers\bftpusbx64.sys
15:19:03.0316 2720 bftpusbx64 - ok
15:19:03.0363 2720 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
15:19:03.0472 2720 BITS - ok
15:19:03.0519 2720 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:19:03.0581 2720 blbdrive - ok
15:19:03.0706 2720 Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
15:19:03.0769 2720 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
15:19:03.0769 2720 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
15:19:03.0847 2720 Bluetooth Media Service (03a7341e94acd92e0831336d4f3ace92) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
15:19:03.0893 2720 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
15:19:03.0893 2720 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
15:19:04.0065 2720 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:19:04.0096 2720 bowser - ok
15:19:04.0190 2720 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:19:04.0268 2720 BrFiltLo - ok
15:19:04.0299 2720 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:19:04.0330 2720 BrFiltUp - ok
15:19:04.0330 2720 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:19:04.0377 2720 BridgeMP - ok
15:19:04.0471 2720 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:19:04.0549 2720 Browser - ok
15:19:04.0611 2720 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:19:04.0736 2720 Brserid - ok
15:19:04.0767 2720 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:19:04.0829 2720 BrSerWdm - ok
15:19:04.0845 2720 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:19:04.0892 2720 BrUsbMdm - ok
15:19:04.0907 2720 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:19:04.0923 2720 BrUsbSer - ok
15:19:04.0954 2720 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
15:19:05.0048 2720 BthEnum - ok
15:19:05.0095 2720 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:19:05.0141 2720 BTHMODEM - ok
15:19:05.0219 2720 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:19:05.0282 2720 BthPan - ok
15:19:05.0329 2720 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
15:19:05.0360 2720 BTHPORT - ok
15:19:05.0422 2720 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:19:05.0469 2720 bthserv - ok
15:19:05.0500 2720 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
15:19:05.0547 2720 BTHUSB - ok
15:19:05.0609 2720 btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\Windows\system32\DRIVERS\btmaux.sys
15:19:05.0625 2720 btmaux - ok
15:19:05.0656 2720 btmhsf (0c468d8da95be16bfdd380bb9de88259) C:\Windows\system32\DRIVERS\btmhsf.sys
15:19:05.0703 2720 btmhsf - ok
15:19:05.0765 2720 c2scsi64 (59626ab5920f316bdbfdc8b47521a882) C:\Windows\system32\DRIVERS\c2scsi64.sys
15:19:05.0797 2720 c2scsi64 - ok
15:19:05.0797 2720 catchme - ok
15:19:05.0828 2720 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:19:05.0906 2720 cdfs - ok
15:19:05.0953 2720 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:19:06.0015 2720 cdrom - ok
15:19:06.0077 2720 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:19:06.0155 2720 CertPropSvc - ok
15:19:06.0187 2720 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:19:06.0218 2720 circlass - ok
15:19:06.0296 2720 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:19:06.0343 2720 CLFS - ok
15:19:06.0405 2720 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:19:06.0421 2720 clr_optimization_v2.0.50727_32 - ok
15:19:06.0483 2720 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:19:06.0483 2720 clr_optimization_v2.0.50727_64 - ok
15:19:06.0577 2720 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:19:06.0608 2720 clr_optimization_v4.0.30319_32 - ok
15:19:06.0655 2720 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:19:06.0670 2720 clr_optimization_v4.0.30319_64 - ok
15:19:06.0748 2720 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:19:06.0811 2720 CmBatt - ok
15:19:06.0842 2720 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:19:06.0857 2720 cmdide - ok
15:19:06.0935 2720 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
15:19:06.0998 2720 CNG - ok
15:19:07.0045 2720 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:19:07.0076 2720 Compbatt - ok
15:19:07.0216 2720 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:19:07.0279 2720 CompositeBus - ok
15:19:07.0279 2720 COMSysApp - ok
15:19:07.0310 2720 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:19:07.0341 2720 crcdisk - ok
15:19:07.0372 2720 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
15:19:07.0435 2720 CryptSvc - ok
15:19:07.0481 2720 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
15:19:07.0528 2720 CtClsFlt - ok
15:19:07.0747 2720 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:19:07.0778 2720 cvhsvc - ok
15:19:07.0949 2720 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:19:08.0059 2720 DcomLaunch - ok
15:19:08.0105 2720 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:19:08.0183 2720 defragsvc - ok
15:19:08.0261 2720 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:19:08.0324 2720 DfsC - ok
15:19:08.0371 2720 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:19:08.0433 2720 Dhcp - ok
15:19:08.0449 2720 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:19:08.0495 2720 discache - ok
15:19:08.0558 2720 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:19:08.0589 2720 Disk - ok
15:19:08.0605 2720 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:19:08.0651 2720 Dnscache - ok
15:19:08.0761 2720 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
15:19:08.0807 2720 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
15:19:08.0807 2720 DockLoginService - detected UnsignedFile.Multi.Generic (1)
15:19:08.0870 2720 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:19:08.0932 2720 dot3svc - ok
15:19:08.0995 2720 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:19:09.0073 2720 DPS - ok
15:19:09.0104 2720 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:19:09.0166 2720 drmkaud - ok
15:19:09.0213 2720 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:19:09.0244 2720 dtsoftbus01 - ok
15:19:09.0291 2720 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:19:09.0322 2720 DXGKrnl - ok
15:19:09.0353 2720 EagleX64 - ok
15:19:09.0400 2720 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:19:09.0494 2720 EapHost - ok
15:19:09.0634 2720 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:19:09.0712 2720 ebdrv - ok
15:19:09.0821 2720 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:19:09.0899 2720 EFS - ok
15:19:09.0993 2720 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:19:10.0040 2720 ehRecvr - ok
15:19:10.0087 2720 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:19:10.0102 2720 ehSched - ok
15:19:10.0211 2720 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:19:10.0258 2720 elxstor - ok
15:19:10.0289 2720 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:19:10.0352 2720 ErrDev - ok
15:19:10.0430 2720 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:19:10.0492 2720 EventSystem - ok
15:19:10.0648 2720 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:19:10.0679 2720 EvtEng - ok
15:19:10.0820 2720 ewusbmbb - ok
15:19:10.0898 2720 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:19:10.0945 2720 exfat - ok
15:19:11.0023 2720 FACAP (2c1d443e14f376e8331f52f135dca9ef) C:\Windows\system32\DRIVERS\facap.sys
15:19:11.0054 2720 FACAP - ok
15:19:11.0272 2720 FAService (69ce05be48cd9fb80b108be872be3a74) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
15:19:11.0350 2720 FAService ( UnsignedFile.Multi.Generic ) - warning
15:19:11.0350 2720 FAService - detected UnsignedFile.Multi.Generic (1)
15:19:11.0475 2720 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:19:11.0553 2720 fastfat - ok
15:19:11.0615 2720 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:19:11.0693 2720 Fax - ok
15:19:11.0725 2720 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:19:11.0771 2720 fdc - ok
15:19:11.0818 2720 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:19:11.0896 2720 fdPHost - ok
15:19:11.0927 2720 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:19:11.0990 2720 FDResPub - ok
15:19:12.0037 2720 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:19:12.0052 2720 FileInfo - ok
15:19:12.0068 2720 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:19:12.0161 2720 Filetrace - ok
15:19:12.0193 2720 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:19:12.0193 2720 flpydisk - ok
15:19:12.0224 2720 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:19:12.0239 2720 FltMgr - ok
15:19:12.0302 2720 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
15:19:12.0395 2720 FontCache - ok
15:19:12.0473 2720 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:19:12.0489 2720 FontCache3.0.0.0 - ok
15:19:12.0520 2720 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:19:12.0536 2720 FsDepends - ok
15:19:12.0598 2720 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:19:12.0614 2720 Fs_Rec - ok
15:19:12.0692 2720 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:19:12.0739 2720 fvevol - ok
15:19:12.0785 2720 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:19:12.0817 2720 gagp30kx - ok
15:19:12.0910 2720 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:19:13.0004 2720 gpsvc - ok
15:19:13.0051 2720 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:19:13.0097 2720 hcw85cir - ok
15:19:13.0144 2720 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:19:13.0207 2720 HdAudAddService - ok
15:19:13.0253 2720 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:19:13.0331 2720 HDAudBus - ok
15:19:13.0363 2720 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:19:13.0394 2720 HidBatt - ok
15:19:13.0425 2720 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:19:13.0456 2720 HidBth - ok
15:19:13.0472 2720 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:19:13.0503 2720 HidIr - ok
15:19:13.0550 2720 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:19:13.0612 2720 hidserv - ok
15:19:13.0659 2720 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
15:19:13.0690 2720 HidUsb - ok
15:19:13.0753 2720 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:19:13.0846 2720 hkmsvc - ok
15:19:13.0893 2720 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:19:13.0971 2720 HomeGroupListener - ok
15:19:14.0018 2720 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:19:14.0080 2720 HomeGroupProvider - ok
15:19:14.0158 2720 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:19:14.0189 2720 HpSAMD - ok
15:19:14.0283 2720 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:19:14.0392 2720 HTTP - ok
15:19:14.0408 2720 huawei_enumerator - ok
15:19:14.0423 2720 hwdatacard - ok
15:19:14.0455 2720 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:19:14.0470 2720 hwpolicy - ok
15:19:14.0548 2720 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:19:14.0564 2720 i8042prt - ok
15:19:14.0642 2720 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys
15:19:14.0689 2720 iaStor - ok
15:19:14.0767 2720 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
15:19:14.0782 2720 IAStorDataMgrSvc - ok
15:19:14.0876 2720 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
15:19:14.0891 2720 iaStorV - ok
15:19:14.0923 2720 iBtFltCoex (fc85972037815fa7b413e790b426acb2) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
15:19:14.0938 2720 iBtFltCoex - ok
15:19:15.0016 2720 IDMWFP (71359fc89451bf54fa06f049d3a87adf) C:\Windows\system32\DRIVERS\idmwfp.sys
15:19:15.0047 2720 IDMWFP - ok
15:19:15.0141 2720 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:19:15.0172 2720 idsvc - ok
15:19:15.0609 2720 igfx (78527e6a4d78b1153925914c55872beb) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:19:15.0812 2720 igfx - ok
15:19:15.0952 2720 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:19:15.0983 2720 iirsp - ok
15:19:16.0030 2720 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:19:16.0108 2720 IKEEXT - ok
15:19:16.0155 2720 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:19:16.0186 2720 intelide - ok
15:19:16.0249 2720 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:19:16.0295 2720 intelppm - ok
15:19:16.0342 2720 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:19:16.0436 2720 IPBusEnum - ok
15:19:16.0483 2720 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:19:16.0576 2720 IpFilterDriver - ok
15:19:16.0654 2720 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:19:16.0732 2720 iphlpsvc - ok
15:19:16.0779 2720 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:19:16.0826 2720 IPMIDRV - ok
15:19:16.0873 2720 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:19:16.0966 2720 IPNAT - ok
15:19:16.0997 2720 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:19:17.0060 2720 IRENUM - ok
15:19:17.0091 2720 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:19:17.0122 2720 isapnp - ok
15:19:17.0138 2720 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:19:17.0169 2720 iScsiPrt - ok
15:19:17.0216 2720 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:19:17.0231 2720 kbdclass - ok
15:19:17.0294 2720 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:19:17.0325 2720 kbdhid - ok
15:19:17.0387 2720 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:19:17.0434 2720 KeyIso - ok
15:19:17.0465 2720 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
15:19:17.0497 2720 KSecDD - ok
15:19:17.0512 2720 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
15:19:17.0528 2720 KSecPkg - ok
15:19:17.0590 2720 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:19:17.0653 2720 ksthunk - ok
15:19:17.0699 2720 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:19:17.0762 2720 KtmRm - ok
15:19:17.0840 2720 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:19:17.0933 2720 LanmanServer - ok
15:19:17.0965 2720 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:19:18.0043 2720 LanmanWorkstation - ok
15:19:18.0089 2720 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:19:18.0167 2720 lltdio - ok
15:19:18.0230 2720 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:19:18.0292 2720 lltdsvc - ok
15:19:18.0323 2720 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:19:18.0386 2720 lmhosts - ok
15:19:18.0495 2720 LMS (0803906d607a9b83184447b75b60ecc2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:19:18.0526 2720 LMS - ok
15:19:18.0604 2720 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:19:18.0620 2720 LSI_FC - ok
15:19:18.0635 2720 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:19:18.0651 2720 LSI_SAS - ok
15:19:18.0667 2720 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:19:18.0682 2720 LSI_SAS2 - ok
15:19:18.0698 2720 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:19:18.0713 2720 LSI_SCSI - ok
15:19:18.0760 2720 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:19:18.0854 2720 luafv - ok
15:19:18.0885 2720 massfilter - ok
15:19:18.0963 2720 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
15:19:18.0994 2720 MBAMProtector - ok
15:19:19.0103 2720 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:19:19.0119 2720 MBAMService - ok
15:19:19.0181 2720 McAWFwk - ok
15:19:19.0259 2720 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
15:19:19.0275 2720 mcdbus - ok
15:19:19.0353 2720 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:19:19.0431 2720 Mcx2Svc - ok
15:19:19.0447 2720 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:19:19.0447 2720 megasas - ok
15:19:19.0509 2720 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:19:19.0540 2720 MegaSR - ok
15:19:19.0603 2720 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys
15:19:19.0634 2720 MEIx64 - ok
15:19:19.0727 2720 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:19:19.0759 2720 Microsoft Office Groove Audit Service - ok
15:19:19.0821 2720 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:19:19.0915 2720 MMCSS - ok
15:19:19.0946 2720 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:19:20.0024 2720 Modem - ok
15:19:20.0055 2720 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:19:20.0117 2720 monitor - ok
15:19:20.0180 2720 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:19:20.0195 2720 mouclass - ok
15:19:20.0258 2720 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:19:20.0320 2720 mouhid - ok
15:19:20.0383 2720 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:19:20.0414 2720 mountmgr - ok
15:19:20.0507 2720 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:19:20.0539 2720 MozillaMaintenance - ok
15:19:20.0570 2720 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:19:20.0601 2720 mpio - ok
15:19:20.0617 2720 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:19:20.0648 2720 mpsdrv - ok
15:19:20.0695 2720 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:19:20.0804 2720 MpsSvc - ok
15:19:20.0851 2720 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:19:20.0913 2720 MRxDAV - ok
15:19:20.0960 2720 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:19:21.0022 2720 mrxsmb - ok
15:19:21.0069 2720 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:19:21.0116 2720 mrxsmb10 - ok
15:19:21.0147 2720 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:19:21.0178 2720 mrxsmb20 - ok
15:19:21.0225 2720 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:19:21.0241 2720 msahci - ok
15:19:21.0287 2720 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:19:21.0319 2720 msdsm - ok
15:19:21.0350 2720 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:19:21.0412 2720 MSDTC - ok
15:19:21.0459 2720 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:19:21.0506 2720 Msfs - ok
15:19:21.0553 2720 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:19:21.0646 2720 mshidkmdf - ok
15:19:21.0677 2720 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:19:21.0677 2720 msisadrv - ok
15:19:21.0709 2720 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:19:21.0802 2720 MSiSCSI - ok
15:19:21.0802 2720 msiserver - ok
15:19:21.0833 2720 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:19:21.0911 2720 MSKSSRV - ok
15:19:21.0943 2720 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:19:22.0005 2720 MSPCLOCK - ok
15:19:22.0036 2720 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:19:22.0114 2720 MSPQM - ok
15:19:22.0161 2720 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:19:22.0192 2720 MsRPC - ok
15:19:22.0223 2720 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:19:22.0239 2720 mssmbios - ok
15:19:22.0255 2720 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:19:22.0333 2720 MSTEE - ok
15:19:22.0364 2720 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:19:22.0411 2720 MTConfig - ok
15:19:22.0442 2720 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:19:22.0457 2720 Mup - ok
15:19:22.0598 2720 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:19:22.0629 2720 MyWiFiDHCPDNS - ok
15:19:22.0660 2720 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:19:22.0723 2720 napagent - ok
15:19:22.0769 2720 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:19:22.0832 2720 NativeWifiP - ok
15:19:22.0910 2720 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
15:19:22.0941 2720 NDIS - ok
15:19:23.0019 2720 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:19:23.0066 2720 NdisCap - ok
15:19:23.0113 2720 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:19:23.0191 2720 NdisTapi - ok
15:19:23.0237 2720 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:19:23.0331 2720 Ndisuio - ok
15:19:23.0378 2720 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:19:23.0440 2720 NdisWan - ok
15:19:23.0503 2720 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:19:23.0549 2720 NDProxy - ok
15:19:23.0581 2720 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:19:23.0643 2720 NetBIOS - ok
15:19:23.0690 2720 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:19:23.0752 2720 NetBT - ok
15:19:23.0846 2720 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:19:23.0893 2720 Netlogon - ok
15:19:23.0971 2720 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:19:24.0080 2720 Netman - ok
15:19:24.0111 2720 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:19:24.0173 2720 netprofm - ok
15:19:24.0267 2720 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:19:24.0298 2720 NetTcpPortSharing - ok
15:19:24.0657 2720 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
15:19:24.0797 2720 NETwNs64 - ok
15:19:24.0938 2720 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:19:24.0953 2720 nfrd960 - ok
15:19:25.0031 2720 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:19:25.0125 2720 NlaSvc - ok
15:19:25.0328 2720 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
15:19:25.0375 2720 NOBU - ok
15:19:25.0484 2720 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:19:25.0531 2720 Npfs - ok
15:19:25.0546 2720 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:19:25.0640 2720 nsi - ok
15:19:25.0671 2720 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:19:25.0687 2720 nsiproxy - ok
15:19:25.0780 2720 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
15:19:25.0811 2720 Ntfs - ok
15:19:25.0843 2720 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:19:25.0889 2720 Null - ok
15:19:25.0967 2720 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
15:19:25.0983 2720 nusb3hub - ok
15:19:26.0014 2720 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:19:26.0077 2720 nusb3xhc - ok
15:19:26.0139 2720 NVHDA (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
15:19:26.0170 2720 NVHDA - ok
15:19:26.0264 2720 nvkflt (63bcd806f51c31159193697f306feb7f) C:\Windows\system32\DRIVERS\nvkflt.sys
15:19:26.0295 2720 nvkflt - ok
15:19:26.0747 2720 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:19:26.0903 2720 nvlddmkm - ok
15:19:27.0013 2720 nvpciflt (682ea9ed3399d6066f0daecf7938727e) C:\Windows\system32\DRIVERS\nvpciflt.sys
15:19:27.0044 2720 nvpciflt - ok
15:19:27.0091 2720 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
15:19:27.0122 2720 nvraid - ok
15:19:27.0153 2720 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
15:19:27.0153 2720 nvstor - ok
15:19:27.0293 2720 NVSvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
15:19:27.0325 2720 NVSvc - ok
15:19:27.0512 2720 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:19:27.0590 2720 nvUpdatusService - ok
15:19:27.0746 2720 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:19:27.0761 2720 nv_agp - ok
15:19:27.0871 2720 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:19:27.0902 2720 odserv - ok
15:19:27.0917 2720 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:19:27.0964 2720 ohci1394 - ok
15:19:28.0011 2720 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:19:28.0042 2720 ose - ok
15:19:28.0245 2720 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:19:28.0339 2720 osppsvc - ok
15:19:28.0448 2720 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:19:28.0510 2720 p2pimsvc - ok
15:19:28.0557 2720 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:19:28.0604 2720 p2psvc - ok
15:19:28.0666 2720 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:19:28.0697 2720 Parport - ok
15:19:28.0729 2720 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
15:19:28.0760 2720 partmgr - ok
15:19:28.0947 2720 pcapsvc (98862cdb96cdccf0ebeafb57d477e099) C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe
15:19:29.0009 2720 pcapsvc ( UnsignedFile.Multi.Generic ) - warning
15:19:29.0009 2720 pcapsvc - detected UnsignedFile.Multi.Generic (1)
15:19:29.0103 2720 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:19:29.0181 2720 PcaSvc - ok
15:19:29.0259 2720 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
15:19:29.0321 2720 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:19:29.0384 2720 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:19:29.0415 2720 pci - ok
15:19:29.0446 2720 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:19:29.0477 2720 pciide - ok
15:19:29.0524 2720 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:19:29.0555 2720 pcmcia - ok
15:19:29.0571 2720 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:19:29.0587 2720 pcw - ok
15:19:29.0602 2720 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:19:29.0649 2720 PEAUTH - ok
15:19:29.0743 2720 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:19:29.0789 2720 PerfHost - ok
15:19:29.0914 2720 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:19:29.0992 2720 pla - ok
15:19:30.0086 2720 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:19:30.0148 2720 PlugPlay - ok
15:19:30.0179 2720 PnkBstrA - ok
15:19:30.0226 2720 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:19:30.0289 2720 PNRPAutoReg - ok
15:19:30.0320 2720 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:19:30.0351 2720 PNRPsvc - ok
15:19:30.0398 2720 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:19:30.0476 2720 PolicyAgent - ok
15:19:30.0538 2720 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:19:30.0601 2720 Power - ok
15:19:30.0694 2720 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:19:30.0772 2720 PptpMiniport - ok
15:19:30.0803 2720 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:19:30.0866 2720 Processor - ok
15:19:30.0913 2720 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:19:30.0975 2720 ProfSvc - ok
15:19:31.0022 2720 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:19:31.0053 2720 ProtectedStorage - ok
15:19:31.0115 2720 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:19:31.0178 2720 Psched - ok
15:19:31.0256 2720 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:19:31.0271 2720 PxHlpa64 - ok
15:19:31.0381 2720 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:19:31.0412 2720 ql2300 - ok
15:19:31.0537 2720 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:19:31.0568 2720 ql40xx - ok
15:19:31.0615 2720 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:19:31.0693 2720 QWAVE - ok
15:19:31.0724 2720 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:19:31.0786 2720 QWAVEdrv - ok
15:19:31.0802 2720 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:19:31.0880 2720 RasAcd - ok
15:19:31.0927 2720 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:19:31.0973 2720 RasAgileVpn - ok
15:19:32.0036 2720 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:19:32.0114 2720 RasAuto - ok
15:19:32.0161 2720 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:19:32.0239 2720 Rasl2tp - ok
15:19:32.0301 2720 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:19:32.0348 2720 RasMan - ok
15:19:32.0379 2720 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:19:32.0457 2720 RasPppoe - ok
15:19:32.0504 2720 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:19:32.0597 2720 RasSstp - ok
15:19:32.0629 2720 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:19:32.0660 2720 rdbss - ok
15:19:32.0675 2720 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:19:32.0722 2720 rdpbus - ok
15:19:32.0769 2720 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:19:32.0816 2720 RDPCDD - ok
15:19:32.0816 2720 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:19:32.0863 2720 RDPENCDD - ok
15:19:32.0894 2720 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:19:32.0925 2720 RDPREFMP - ok
15:19:32.0972 2720 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
15:19:33.0034 2720 RDPWD - ok
15:19:33.0081 2720 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:19:33.0112 2720 rdyboost - ok
15:19:33.0190 2720 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:19:33.0221 2720 RegSrvc - ok
15:19:33.0253 2720 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:19:33.0346 2720 RemoteAccess - ok
15:19:33.0393 2720 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:19:33.0471 2720 RemoteRegistry - ok
15:19:33.0549 2720 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:19:33.0627 2720 RFCOMM - ok
15:19:33.0830 2720 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:19:33.0845 2720 RoxMediaDB12OEM - ok
15:19:33.0877 2720 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:19:33.0892 2720 RoxWatch12 - ok
15:19:33.0986 2720 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:19:34.0079 2720 RpcEptMapper - ok
15:19:34.0111 2720 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:19:34.0157 2720 RpcLocator - ok
15:19:34.0220 2720 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
15:19:34.0267 2720 RpcSs - ok
15:19:34.0360 2720 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:19:34.0407 2720 rspndr - ok
15:19:34.0485 2720 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\Windows\system32\Drivers\RtsUStor.sys
15:19:34.0516 2720 RSUSBSTOR - ok
15:19:34.0579 2720 RTL8167 (2777226ee8bf50b059d7a7c90177e99c) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:19:34.0610 2720 RTL8167 - ok
15:19:34.0625 2720 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:19:34.0657 2720 SamSs - ok
15:19:34.0688 2720 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:19:34.0719 2720 sbp2port - ok
15:19:34.0750 2720 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:19:34.0844 2720 SCardSvr - ok
15:19:34.0875 2720 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:19:34.0953 2720 scfilter - ok
15:19:35.0015 2720 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:19:35.0093 2720 Schedule - ok
15:19:35.0140 2720 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:19:35.0187 2720 SCPolicySvc - ok
15:19:35.0218 2720 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:19:35.0265 2720 SDRSVC - ok
15:19:35.0343 2720 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:19:35.0421 2720 secdrv - ok
15:19:35.0468 2720 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:19:35.0483 2720 seclogon - ok
15:19:35.0561 2720 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:19:35.0608 2720 SENS - ok
15:19:35.0655 2720 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:19:35.0686 2720 SensrSvc - ok
15:19:35.0733 2720 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:19:35.0780 2720 Serenum - ok
15:19:35.0827 2720 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:19:35.0842 2720 Serial - ok
15:19:35.0905 2720 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:19:35.0967 2720 sermouse - ok
15:19:36.0029 2720 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:19:36.0107 2720 SessionEnv - ok
15:19:36.0154 2720 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:19:36.0201 2720 sffdisk - ok
15:19:36.0232 2720 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:19:36.0279 2720 sffp_mmc - ok
15:19:36.0310 2720 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:19:36.0373 2720 sffp_sd - ok
15:19:36.0388 2720 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:19:36.0419 2720 sfloppy - ok
15:19:36.0513 2720 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:19:36.0560 2720 Sftfs - ok
15:19:36.0638 2720 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:19:36.0669 2720 sftlist - ok
15:19:36.0778 2720 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:19:36.0809 2720 Sftplay - ok
15:19:36.0825 2720 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:19:36.0825 2720 Sftredir - ok
15:19:36.0934 2720 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:19:36.0981 2720 SftService - ok
15:19:37.0028 2720 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:19:37.0043 2720 Sftvol - ok
15:19:37.0121 2720 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:19:37.0153 2720 sftvsa - ok
15:19:37.0231 2720 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:19:37.0324 2720 SharedAccess - ok
15:19:37.0371 2720 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:19:37.0449 2720 ShellHWDetection - ok
15:19:37.0496 2720 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:19:37.0527 2720 SiSRaid2 - ok
15:19:37.0543 2720 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:19:37.0558 2720 SiSRaid4 - ok
15:19:37.0605 2720 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:19:37.0699 2720 Smb - ok
15:19:37.0745 2720 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:19:37.0808 2720 SNMPTRAP - ok
15:19:37.0839 2720 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:19:37.0870 2720 spldr - ok
15:19:37.0901 2720 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:19:37.0948 2720 Spooler - ok
15:19:38.0089 2720 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:19:38.0182 2720 sppsvc - ok
15:19:38.0276 2720 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:19:38.0354 2720 sppuinotify - ok
15:19:38.0463 2720 sptd (dfc4e2081324e505ca479e473a78d893) C:\Windows\System32\Drivers\sptd.sys
15:19:38.0479 2720 sptd - ok
15:19:38.0510 2720 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:19:38.0572 2720 srv - ok
15:19:38.0619 2720 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:19:38.0650 2720 srv2 - ok
15:19:38.0681 2720 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:19:38.0713 2720 srvnet - ok
15:19:38.0775 2720 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:19:38.0869 2720 SSDPSRV - ok
15:19:38.0915 2720 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:19:38.0947 2720 SstpSvc - ok
15:19:39.0071 2720 STacSV (9547816fdfb53bf023d6df57b42f8ede) C:\Program Files\IDT\WDM\STacSV64.exe
15:19:39.0118 2720 STacSV - ok
15:19:39.0243 2720 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:19:39.0290 2720 Stereo Service - ok
15:19:39.0337 2720 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:19:39.0352 2720 stexstor - ok
15:19:39.0415 2720 STHDA (0eed97162cbc151f072e2d36a3fdbf62) C:\Windows\system32\DRIVERS\stwrt64.sys
15:19:39.0477 2720 STHDA - ok
15:19:39.0555 2720 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:19:39.0649 2720 stisvc - ok
15:19:39.0727 2720 stllssvr (7731f46ec0d687a931cba063e8f90ef0) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:19:39.0758 2720 stllssvr - ok
15:19:39.0820 2720 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:19:39.0851 2720 swenum - ok
15:19:39.0898 2720 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:19:39.0976 2720 swprv - ok
15:19:40.0085 2720 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:19:40.0148 2720 SysMain - ok
15:19:40.0241 2720 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:19:40.0288 2720 TabletInputService - ok
15:19:40.0366 2720 tap0901 (f0b9d3ed88e56d3cd713dff21e42aaf0) C:\Windows\system32\DRIVERS\tap0901.sys
15:19:40.0429 2720 tap0901 - ok
15:19:40.0475 2720 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:19:40.0569 2720 TapiSrv - ok
15:19:40.0616 2720 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:19:40.0663 2720 TBS - ok
15:19:40.0819 2720 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:19:40.0850 2720 Tcpip - ok
15:19:41.0053 2720 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:19:41.0084 2720 TCPIP6 - ok
15:19:41.0131 2720 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:19:41.0209 2720 tcpipreg - ok
15:19:41.0255 2720 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:19:41.0302 2720 TDPIPE - ok
15:19:41.0333 2720 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:19:41.0396 2720 TDTCP - ok
15:19:41.0443 2720 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:19:41.0489 2720 tdx - ok
15:19:41.0521 2720 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:19:41.0521 2720 TermDD - ok
15:19:41.0567 2720 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:19:41.0614 2720 TermService - ok
15:19:41.0630 2720 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:19:41.0692 2720 Themes - ok
15:19:41.0739 2720 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:19:41.0801 2720 THREADORDER - ok
15:19:41.0833 2720 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:19:41.0911 2720 TrkWks - ok
15:19:41.0973 2720 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:19:42.0067 2720 TrustedInstaller - ok
15:19:42.0129 2720 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:19:42.0207 2720 tssecsrv - ok
15:19:42.0254 2720 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:19:42.0285 2720 TsUsbFlt - ok
15:19:42.0488 2720 TuneUp.UtilitiesSvc (dc0f2a0c445ef104bc240954d3a460c2) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
15:19:42.0519 2720 TuneUp.UtilitiesSvc - ok
15:19:42.0581 2720 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
15:19:42.0613 2720 TuneUpUtilitiesDrv - ok
15:19:42.0769 2720 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:19:42.0878 2720 tunnel - ok
15:19:42.0925 2720 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
15:19:42.0956 2720 TurboB - ok
15:19:42.0987 2720 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:19:43.0003 2720 TurboBoost - ok
15:19:43.0034 2720 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:19:43.0049 2720 uagp35 - ok
15:19:43.0159 2720 UCManSvc (f7df6654663ad07dab615a7af513d90c) C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
15:19:43.0174 2720 UCManSvc ( UnsignedFile.Multi.Generic ) - warning
15:19:43.0174 2720 UCManSvc - detected UnsignedFile.Multi.Generic (1)
15:19:43.0221 2720 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:19:43.0283 2720 udfs - ok
15:19:43.0330 2720 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:19:43.0361 2720 UI0Detect - ok
15:19:43.0424 2720 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:19:43.0455 2720 uliagpkx - ok
15:19:43.0517 2720 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:19:43.0580 2720 umbus - ok
15:19:43.0627 2720 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:19:43.0673 2720 UmPass - ok
15:19:43.0876 2720 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:19:43.0939 2720 UNS - ok
15:19:44.0032 2720 UnsignedThemes (8f387a1cc015a3f5020700c657a0fc85) C:\Windows\UnsignedThemesSvc.exe
15:19:44.0063 2720 UnsignedThemes - ok
15:19:44.0141 2720 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:19:44.0188 2720 upnphost - ok
15:19:44.0329 2720 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:19:44.0375 2720 usbaudio - ok
15:19:44.0422 2720 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
15:19:44.0485 2720 usbccgp - ok
15:19:44.0531 2720 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:19:44.0563 2720 usbcir - ok
15:19:44.0578 2720 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
15:19:44.0625 2720 usbehci - ok
15:19:44.0656 2720 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
15:19:44.0672 2720 usbhub - ok
15:19:44.0687 2720 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
15:19:44.0750 2720 usbohci - ok
15:19:44.0781 2720 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:19:44.0843 2720 usbprint - ok
15:19:44.0906 2720 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS
15:19:44.0953 2720 USBSTOR - ok
15:19:44.0984 2720 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
15:19:45.0031 2720 usbuhci - ok
15:19:45.0062 2720 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:19:45.0109 2720 usbvideo - ok
15:19:45.0171 2720 uxpatch (297ee9c666fc8bb96a232db0ddba1e49) C:\Windows\system32\drivers\uxpatch.sys
15:19:45.0202 2720 uxpatch - ok
15:19:45.0233 2720 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:19:45.0311 2720 UxSms - ok
15:19:45.0374 2720 UxTuneUp (04611bc8f101ef6bae519260ee4225d4) C:\Windows\System32\uxtuneup.dll
15:19:45.0389 2720 UxTuneUp - ok
15:19:45.0421 2720 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:19:45.0436 2720 VaultSvc - ok
15:19:45.0499 2720 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
15:19:45.0561 2720 VClone - ok
15:19:45.0608 2720 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:19:45.0639 2720 vdrvroot - ok
15:19:45.0686 2720 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:19:45.0717 2720 vds - ok
15:19:45.0764 2720 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:19:45.0811 2720 vga - ok
15:19:45.0826 2720 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:19:45.0889 2720 VgaSave - ok
15:19:45.0951 2720 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:19:45.0982 2720 vhdmp - ok
15:19:46.0029 2720 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:19:46.0060 2720 viaide - ok
15:19:46.0076 2720 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:19:46.0091 2720 volmgr - ok
15:19:46.0123 2720 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:19:46.0154 2720 volmgrx - ok
15:19:46.0185 2720 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:19:46.0216 2720 volsnap - ok
15:19:46.0294 2720 vproiah (f93c87c70a830d0803235b51bb7678a5) C:\Windows\system32\DRIVERS\vproiah.sys
15:19:46.0325 2720 vproiah - ok
15:19:46.0403 2720 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:19:46.0419 2720 vsmraid - ok
15:19:46.0497 2720 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:19:46.0575 2720 VSS - ok
15:19:46.0684 2720 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:19:46.0731 2720 vwifibus - ok
15:19:46.0778 2720 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:19:46.0809 2720 vwififlt - ok
15:19:46.0809 2720 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:19:46.0825 2720 vwifimp - ok
15:19:46.0871 2720 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:19:46.0918 2720 W32Time - ok
15:19:46.0949 2720 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:19:46.0949 2720 WacomPen - ok
15:19:47.0027 2720 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:19:47.0105 2720 WANARP - ok
15:19:47.0105 2720 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:19:47.0121 2720 Wanarpv6 - ok
15:19:47.0230 2720 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:19:47.0261 2720 WatAdminSvc - ok
15:19:47.0355 2720 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:19:47.0417 2720 wbengine - ok
15:19:47.0527 2720 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:19:47.0573 2720 WbioSrvc - ok
15:19:47.0605 2720 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:19:47.0683 2720 wcncsvc - ok
15:19:47.0698 2720 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:19:47.0745 2720 WcsPlugInService - ok
15:19:47.0792 2720 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:19:47.0823 2720 Wd - ok
15:19:47.0854 2720 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:19:47.0901 2720 Wdf01000 - ok
15:19:47.0917 2720 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:19:47.0932 2720 WdiServiceHost - ok
15:19:47.0932 2720 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:19:47.0948 2720 WdiSystemHost - ok
15:19:48.0010 2720 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\Windows\system32\DRIVERS\WDKMD.sys
15:19:48.0026 2720 wdkmd - ok
15:19:48.0057 2720 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:19:48.0104 2720 WebClient - ok
15:19:48.0151 2720 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:19:48.0229 2720 Wecsvc - ok
15:19:48.0260 2720 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:19:48.0338 2720 wercplsupport - ok
15:19:48.0369 2720 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:19:48.0416 2720 WerSvc - ok
15:19:48.0478 2720 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:19:48.0541 2720 WfpLwf - ok
15:19:48.0556 2720 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
15:19:48.0572 2720 WimFltr - ok
15:19:48.0587 2720 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:19:48.0587 2720 WIMMount - ok
15:19:48.0665 2720 WinDefend - ok
15:19:48.0681 2720 WinHttpAutoProxySvc - ok
15:19:48.0728 2720 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:19:48.0790 2720 Winmgmt - ok
15:19:48.0868 2720 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:19:48.0962 2720 WinRM - ok
15:19:49.0133 2720 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:19:49.0149 2720 WinUsb - ok
15:19:49.0227 2720 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:19:49.0289 2720 Wlansvc - ok
15:19:49.0399 2720 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:19:49.0430 2720 wlcrasvc - ok
15:19:49.0617 2720 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:19:49.0664 2720 wlidsvc - ok
15:19:49.0773 2720 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:19:49.0789 2720 WmiAcpi - ok
15:19:49.0867 2720 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:19:49.0898 2720 wmiApSrv - ok
15:19:49.0945 2720 WMPNetworkSvc - ok
15:19:50.0007 2720 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:19:50.0054 2720 WPCSvc - ok
15:19:50.0085 2720 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:19:50.0101 2720 WPDBusEnum - ok
15:19:50.0116 2720 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:19:50.0194 2720 ws2ifsl - ok
15:19:50.0210 2720 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:19:50.0272 2720 wscsvc - ok
15:19:50.0272 2720 WSearch - ok
15:19:50.0413 2720 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:19:50.0459 2720 wuauserv - ok
15:19:50.0569 2720 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:19:50.0647 2720 WudfPf - ok
15:19:50.0725 2720 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:19:50.0803 2720 WUDFRd - ok
15:19:50.0834 2720 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:19:50.0865 2720 wudfsvc - ok
15:19:50.0896 2720 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:19:50.0959 2720 WwanSvc - ok
15:19:51.0052 2720 X6va008 - ok
15:19:51.0099 2720 X6va009 - ok
15:19:51.0161 2720 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
15:19:51.0224 2720 yukonw7 - ok
15:19:51.0239 2720 ZTEusbmdm6k - ok
15:19:51.0255 2720 ZTEusbnmea - ok
15:19:51.0271 2720 ZTEusbser6k - ok
15:19:51.0302 2720 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:19:51.0598 2720 \Device\Harddisk0\DR0 - ok
15:19:51.0614 2720 Boot (0x1200) (b4a651ea79a9998884da67ecffb5e2e7) \Device\Harddisk0\DR0\Partition0
15:19:51.0614 2720 \Device\Harddisk0\DR0\Partition0 - ok
15:19:51.0645 2720 Boot (0x1200) (146399bf8fd3a9fecee900bb269d0d87) \Device\Harddisk0\DR0\Partition1
15:19:51.0645 2720 \Device\Harddisk0\DR0\Partition1 - ok
15:19:51.0645 2720 ============================================================
15:19:51.0645 2720 Scan finished
15:19:51.0645 2720 ============================================================
15:19:51.0676 2412 Detected object count: 6
15:19:51.0676 2412 Actual detected object count: 6
15:20:03.0205 2412 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
15:20:03.0205 2412 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:20:03.0220 2412 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:20:03.0220 2412 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:20:03.0220 2412 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
15:20:03.0220 2412 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:20:03.0220 2412 FAService ( UnsignedFile.Multi.Generic ) - skipped by user
15:20:03.0220 2412 FAService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:20:03.0220 2412 pcapsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:20:03.0220 2412 pcapsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:20:03.0220 2412 UCManSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:20:03.0220 2412 UCManSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#8
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
What are your current issues with your computer?
  • 0

#9
finn the human

finn the human

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I'm really not sure but to me it seems fine now. So it is mean that my computer is clean?
  • 0

#10
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts

So it is mean that my computer is clean?

Not necessarily but it means the major issues are gone. Please continue by running the following steps:







Step 1.



Double Click MalwareByte's AntiMalware, we just want to run it on demand.
  • Click the update tab and check for updates.
  • If an update is found, it will download and install the latest version.
  • Once the update has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:


mbam log
eset log
security check log


Please give me an update on how your computer is doing!
  • 0

Advertisements


#11
finn the human

finn the human

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
until now everything seems fine. Here are the logs.


mbam log


Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.14.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Lelouch :: LELOUCH-PC [administrator]

Protection: Disabled

14/7/2012 2:51:07 PM
mbam-log-2012-07-14 (14-51-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236269
Time elapsed: 3 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



eset log


C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Users\Lelouch\Downloads\Cherry.Tree.High.Comedy.Club.v1.0.full-THETA.rar probably a variant of Win32/HackTool.YJOMXB application deleted - quarantined
C:\Users\Lelouch\Downloads\Programs\CrystalDiskInfo5_0_0Shizuku-en.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Lelouch\Downloads\Software\Unlocker1.9.1-x64.exe a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined



security check log

Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
TuneUp Utilities 2012
TuneUp Utilities Language Pack (en-US)
TuneUp Utilities 2012
TuneUp Utilities Language Pack (en-US)
Java™ 6 Update 33
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.2.202.235 Flash Player out of Date!
Adobe Reader X (10.1.3)
Mozilla Firefox (13.0.1)
Google Chrome 20.0.1132.47
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
  • 0

#12
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

Clear the Java Cache by following the instructions here


Step 2.

Update Java

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.


Step 3.

Update adobe flash player

We need to uninstall the existing flash player(s). Please go here
Follow steps 1. to 4.
Once flash player is uninstalled go on to the next paragraph.

You will need to download and install both the IE and non-IE versions of Adobe Flashplayer. Make sure to uncheck the install of the McAfee tool before downloading. You will need to select your operating system (Windows 7 64-bit) and then each version to download and install separately.



Then come back and give me an update on your computer
  • 0

#13
finn the human

finn the human

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
After I updated JRE and Adobe Flash Player, it seems nothing wrong has appear. So, what should I do next?
  • 0

#14
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts

it seems nothing wrong has appear

That is good news!

So, what should I do next?


Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Your log now appears clean :thumbsup:

The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the Cleanup button. It will remove all the programs we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.


SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#15
finn the human

finn the human

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Okay, thanks for spending your time to solve my problem. I'm really appreciates it. I'll will reply if any problems appear. Thank you very much.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP