Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Multiple severe trojan infections. [Solved]

Started by Ren12 , Jul 30 2012 09:32 PM

This topic is locked

#16
Ren12

Posted 31 July 2012 - 03:00 PM

Member

Topic Starter
Member
180 posts

All is working good so far. Should I uninstall any of the programs you told me? There is also 3 quarantined viruses on MSE. What should I do with those?

I also run a quick scan which everything seems good so far. My history still has the quanrtined items.
Thank you for your time though. Your help is truly appreciated as a humanitarian to everyone

Edited by Ren12, 31 July 2012 - 03:01 PM.

#17
Essexboy

Posted 31 July 2012 - 03:01 PM

GeekU Moderator

Retired Staff
69,964 posts

Delete the files from quarantine

Subject to no further problems

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:Commands
[resethosts]
[emptytemp]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done

Remove ComboFix

Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK
Follow the prompts on the screen
A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that

Go to control panel
Select folder options (Appearance > Folder options in category view)
Select the View Tab.
Under the Hidden files and folders heading select Do not show hidden files and folders.
Click Yes to confirm.
Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:

Go to this site and click Do I have Java
It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point

Go to Control Panel and select System
Select System
On the left select System Protection and accept the warning if you get one
Select System Protection Tab
Select Create at the bottom
Type in a name i.e. Clean
Select Create

Now we can purge the infected ones

GoStart > All programs > Accessories > system tools
Right click Disc cleanup and select run as administrator
Select Your main drive and accept the warning if you get one
For a few moments the system will make some calculations
Select the More Options tab
In the System Restore and Shadow Backups select Clean up
Select Delete on the pop up
Select OK
Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image

Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:

#18
Ren12

Posted 31 July 2012 - 03:20 PM

Member

Topic Starter
Member
180 posts

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
Go to control panel
Select folder options (Appearance > Folder options in category view)
Select the View Tab.
Under the Hidden files and folders heading select Do not show hidden files and folders.
Click Yes to confirm.
Click OK.

I'm lost here.

Also I couldn't uninstall combo fix. When I did what you said it said that windows could not find the program after tpying it in. So i had to manually delete it from desktop.

Procedding to java download.

#19
Essexboy

Posted 31 July 2012 - 03:33 PM

GeekU Moderator

Retired Staff
69,964 posts

Not a problem OTL will remove any combofix left

[attachment=59344:Capture.GIF]

#20
Ren12

Posted 31 July 2012 - 03:38 PM

Member

Topic Starter
Member
180 posts

Thanks I appreciate your help. Should I use MSE or Malwarebytes. Most of my friends use MSE.

I will watch myself when I got to any suspicious website to prevent any more attacks on my computer and so that I won't have to ask for your time again.

I will let you know the condition of my computers after 24 hours like you requested.

Thank you very much.

#21
Essexboy

Posted 31 July 2012 - 03:43 PM

GeekU Moderator

Retired Staff
69,964 posts

MSE and malwarebytes are two different animals .. You can safely run both to enhance your security

#22
Ren12

Posted 31 July 2012 - 03:45 PM

Member

Topic Starter
Member
180 posts

MSE and malwarebytes are two different animals .. You can safely run both to enhance your security

Thank you.

Also, one last problem. How do I fix my MSE. It freezes when it runs a full scan.

#23
Essexboy

Posted 01 August 2012 - 11:20 AM

GeekU Moderator

Retired Staff
69,964 posts

Does it freeze on a specific file or folder ?

#24
Essexboy

Posted 04 August 2012 - 10:19 AM

GeekU Moderator

Retired Staff
69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

#25
Essexboy

Posted 04 August 2012 - 01:30 PM

GeekU Moderator

Retired Staff
69,964 posts

Which folder does it stick on ?

#26
Ren12

Posted 04 August 2012 - 01:45 PM

Member

Topic Starter
Member
180 posts

It used to get stuck on Online file from prohram files. It seems to keep scanning the green bar isn't seem to be doing anything.

Also, i have bigger problems now that I didn't notice till now. Not sure if I should make a new topic but apparently no matter how many times I remove the virus from MSE i keep getting new different type of viruses. SO apparently the attacker keeps downloading stuff.

New detected viruses

Trojan:win32/meredrop
Trojan:win32/alureon.FO

Both have been detected 3 days ago but i've only seen the effects till now.

They keep messing up with my browser.It keeps freezing especially on youtube videos and whatnot and I can't hear sound.

#27
Essexboy

Posted 04 August 2012 - 01:50 PM

GeekU Moderator

Retired Staff
69,964 posts

OK lets see where that is hiding

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application
Then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Get the report by selecting Reports
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#28
Ren12

Posted 04 August 2012 - 02:14 PM

Member

Topic Starter
Member
180 posts

16:11:42.0579 7132 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:11:42.0858 7132 ============================================================
16:11:42.0859 7132 Current date / time: 2012/08/04 16:11:42.0858
16:11:42.0859 7132 SystemInfo:
16:11:42.0859 7132
16:11:42.0859 7132 OS Version: 6.1.7601 ServicePack: 1.0
16:11:42.0859 7132 Product type: Workstation
16:11:42.0859 7132 ComputerName: RENATO-PC
16:11:42.0859 7132 UserName: Renato
16:11:42.0859 7132 Windows directory: C:\Windows
16:11:42.0859 7132 System windows directory: C:\Windows
16:11:42.0860 7132 Running under WOW64
16:11:42.0860 7132 Processor architecture: Intel x64
16:11:42.0860 7132 Number of processors: 4
16:11:42.0860 7132 Page size: 0x1000
16:11:42.0860 7132 Boot type: Normal boot
16:11:42.0860 7132 ============================================================
16:11:44.0199 7132 Drive \Device\Harddisk0\DR0 - Size: 0xE8D4A50000 (931.32 Gb), SectorSize: 0x200, Cylinders: 0x1DAE8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:11:44.0235 7132 ============================================================
16:11:44.0235 7132 \Device\Harddisk0\DR0:
16:11:44.0235 7132 MBR partitions:
16:11:44.0235 7132 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:11:44.0235 7132 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72F54800
16:11:44.0235 7132 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72F87000, BlocksNum 0x171D800
16:11:44.0235 7132 ============================================================
16:11:44.0260 7132 C: <-> \Device\Harddisk0\DR0\Partition1
16:11:44.0310 7132 D: <-> \Device\Harddisk0\DR0\Partition2
16:11:44.0310 7132 ============================================================
16:11:44.0310 7132 Initialize success
16:11:44.0310 7132 ============================================================
16:12:01.0716 6048 ============================================================
16:12:01.0716 6048 Scan started
16:12:01.0716 6048 Mode: Manual; SigCheck; TDLFS;
16:12:01.0716 6048 ============================================================
16:12:02.0113 6048 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:12:02.0294 6048 1394ohci - ok
16:12:02.0378 6048 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:12:02.0420 6048 ACPI - ok
16:12:02.0463 6048 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:12:02.0541 6048 AcpiPmi - ok
16:12:02.0666 6048 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:12:02.0692 6048 AdobeARMservice - ok
16:12:02.0844 6048 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:12:02.0876 6048 AdobeFlashPlayerUpdateSvc - ok
16:12:02.0960 6048 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:12:03.0034 6048 adp94xx - ok
16:12:03.0099 6048 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:12:03.0151 6048 adpahci - ok
16:12:03.0183 6048 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:12:03.0219 6048 adpu320 - ok
16:12:03.0264 6048 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:12:03.0409 6048 AeLookupSvc - ok
16:12:03.0504 6048 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:12:03.0562 6048 AFD - ok
16:12:03.0605 6048 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:12:03.0636 6048 agp440 - ok
16:12:03.0664 6048 ahcix64s (aa3f73ccbf498bd56800f840d75e40e4) C:\Windows\system32\DRIVERS\ahcix64s.sys
16:12:03.0704 6048 ahcix64s - ok
16:12:03.0719 6048 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:12:03.0787 6048 ALG - ok
16:12:03.0815 6048 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:12:03.0843 6048 aliide - ok
16:12:03.0887 6048 AMD External Events Utility (998021e7c3de3e97e441abace498ffb6) C:\Windows\system32\atiesrxx.exe
16:12:04.0032 6048 AMD External Events Utility - ok
16:12:04.0039 6048 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:12:04.0068 6048 amdide - ok
16:12:04.0109 6048 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:12:04.0223 6048 AmdK8 - ok
16:12:04.0900 6048 amdkmdag (250d5b746fff9b7d88591ee60b63b3e4) C:\Windows\system32\DRIVERS\atikmdag.sys
16:12:05.0239 6048 amdkmdag - ok
16:12:05.0409 6048 amdkmdap (781daec0c3e63950cca53d193582f2e8) C:\Windows\system32\DRIVERS\atikmpag.sys
16:12:05.0467 6048 amdkmdap - ok
16:12:05.0511 6048 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:12:05.0562 6048 AmdPPM - ok
16:12:05.0614 6048 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:12:05.0647 6048 amdsata - ok
16:12:05.0694 6048 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:12:05.0730 6048 amdsbs - ok
16:12:05.0756 6048 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:12:05.0785 6048 amdxata - ok
16:12:05.0878 6048 AMD_RAIDXpert (2b8d1c23d204c0e70eff48a3ffa1c67b) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
16:12:06.0002 6048 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - warning
16:12:06.0002 6048 AMD_RAIDXpert - detected UnsignedFile.Multi.Generic (1)
16:12:06.0068 6048 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:12:06.0256 6048 AppID - ok
16:12:06.0272 6048 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:12:06.0379 6048 AppIDSvc - ok
16:12:06.0414 6048 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:12:06.0515 6048 Appinfo - ok
16:12:06.0566 6048 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:12:06.0597 6048 arc - ok
16:12:06.0617 6048 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:12:06.0650 6048 arcsas - ok
16:12:06.0682 6048 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:12:06.0785 6048 AsyncMac - ok
16:12:06.0843 6048 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:12:06.0872 6048 atapi - ok
16:12:07.0011 6048 athr (7d89b0c443f6068e5b27aa3b972069ff) C:\Windows\system32\DRIVERS\athrx.sys
16:12:07.0132 6048 athr - ok
16:12:07.0271 6048 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
16:12:07.0334 6048 AtiHdmiService - ok
16:12:07.0867 6048 atikmdag (250d5b746fff9b7d88591ee60b63b3e4) C:\Windows\system32\DRIVERS\atikmdag.sys
16:12:08.0146 6048 atikmdag - ok
16:12:08.0245 6048 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
16:12:08.0269 6048 AtiPcie - ok
16:12:08.0365 6048 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:12:08.0498 6048 AudioEndpointBuilder - ok
16:12:08.0515 6048 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:12:08.0619 6048 AudioSrv - ok
16:12:08.0678 6048 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:12:08.0747 6048 AxInstSV - ok
16:12:08.0825 6048 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:12:08.0909 6048 b06bdrv - ok
16:12:08.0967 6048 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:12:09.0018 6048 b57nd60a - ok
16:12:09.0066 6048 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:12:09.0135 6048 BDESVC - ok
16:12:09.0145 6048 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:12:09.0248 6048 Beep - ok
16:12:09.0350 6048 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:12:09.0488 6048 BFE - ok
16:12:09.0588 6048 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
16:12:09.0762 6048 BITS - ok
16:12:09.0820 6048 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:12:09.0866 6048 blbdrive - ok
16:12:09.0912 6048 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:12:09.0946 6048 bowser - ok
16:12:09.0965 6048 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:12:10.0132 6048 BrFiltLo - ok
16:12:10.0145 6048 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:12:10.0206 6048 BrFiltUp - ok
16:12:10.0243 6048 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:12:10.0333 6048 BridgeMP - ok
16:12:10.0375 6048 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:12:10.0479 6048 Browser - ok
16:12:10.0531 6048 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:12:10.0599 6048 Brserid - ok
16:12:10.0630 6048 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:12:10.0680 6048 BrSerWdm - ok
16:12:10.0705 6048 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:12:10.0762 6048 BrUsbMdm - ok
16:12:10.0783 6048 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:12:10.0829 6048 BrUsbSer - ok
16:12:10.0857 6048 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:12:10.0911 6048 BTHMODEM - ok
16:12:10.0947 6048 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:12:11.0051 6048 bthserv - ok
16:12:11.0105 6048 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:12:11.0215 6048 cdfs - ok
16:12:11.0288 6048 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
16:12:11.0336 6048 cdrom - ok
16:12:11.0385 6048 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:12:11.0472 6048 CertPropSvc - ok
16:12:11.0504 6048 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:12:11.0540 6048 circlass - ok
16:12:11.0578 6048 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:12:11.0621 6048 CLFS - ok
16:12:11.0691 6048 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:12:11.0718 6048 clr_optimization_v2.0.50727_32 - ok
16:12:11.0786 6048 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:12:11.0814 6048 clr_optimization_v2.0.50727_64 - ok
16:12:11.0912 6048 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:12:11.0942 6048 clr_optimization_v4.0.30319_32 - ok
16:12:11.0976 6048 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:12:12.0004 6048 clr_optimization_v4.0.30319_64 - ok
16:12:12.0036 6048 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:12:12.0087 6048 CmBatt - ok
16:12:12.0122 6048 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:12:12.0151 6048 cmdide - ok
16:12:12.0219 6048 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
16:12:12.0304 6048 CNG - ok
16:12:12.0323 6048 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:12:12.0352 6048 Compbatt - ok
16:12:12.0404 6048 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:12:12.0460 6048 CompositeBus - ok
16:12:12.0482 6048 COMSysApp - ok
16:12:12.0514 6048 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:12:12.0546 6048 crcdisk - ok
16:12:12.0607 6048 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:12:12.0650 6048 CryptSvc - ok
16:12:12.0737 6048 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:12:12.0881 6048 DcomLaunch - ok
16:12:12.0932 6048 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:12:13.0010 6048 defragsvc - ok
16:12:13.0113 6048 Desura Install Service (2b9a817dc1bdad9ce5495099b6a7136a) C:\Program Files (x86)\Common Files\Desura\desura_service.exe
16:12:13.0408 6048 Desura Install Service - ok
16:12:13.0452 6048 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:12:13.0505 6048 DfsC - ok
16:12:13.0575 6048 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:12:13.0612 6048 Dhcp - ok
16:12:13.0630 6048 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:12:13.0663 6048 discache - ok
16:12:13.0685 6048 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:12:13.0697 6048 Disk - ok
16:12:13.0737 6048 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:12:13.0779 6048 Dnscache - ok
16:12:13.0823 6048 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:12:13.0938 6048 dot3svc - ok
16:12:13.0998 6048 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:12:14.0100 6048 DPS - ok
16:12:14.0150 6048 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:12:14.0202 6048 drmkaud - ok
16:12:14.0299 6048 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:12:14.0373 6048 DXGKrnl - ok
16:12:14.0420 6048 EagleX64 - ok
16:12:14.0469 6048 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:12:14.0579 6048 EapHost - ok
16:12:14.0813 6048 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:12:14.0981 6048 ebdrv - ok
16:12:15.0101 6048 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:12:15.0165 6048 EFS - ok
16:12:15.0261 6048 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:12:15.0332 6048 ehRecvr - ok
16:12:15.0364 6048 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:12:15.0429 6048 ehSched - ok
16:12:15.0506 6048 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:12:15.0566 6048 elxstor - ok
16:12:15.0601 6048 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:12:15.0647 6048 ErrDev - ok
16:12:15.0721 6048 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:12:15.0844 6048 EventSystem - ok
16:12:15.0887 6048 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:12:15.0997 6048 exfat - ok
16:12:16.0039 6048 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:12:16.0148 6048 fastfat - ok
16:12:16.0244 6048 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:12:16.0344 6048 Fax - ok
16:12:16.0375 6048 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:12:16.0421 6048 fdc - ok
16:12:16.0459 6048 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:12:16.0571 6048 fdPHost - ok
16:12:16.0601 6048 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:12:16.0694 6048 FDResPub - ok
16:12:16.0724 6048 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:12:16.0756 6048 FileInfo - ok
16:12:16.0776 6048 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:12:16.0877 6048 Filetrace - ok
16:12:16.0913 6048 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:12:16.0942 6048 flpydisk - ok
16:12:17.0009 6048 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:12:17.0053 6048 FltMgr - ok
16:12:17.0159 6048 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:12:17.0234 6048 FontCache - ok
16:12:17.0317 6048 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:12:17.0341 6048 FontCache3.0.0.0 - ok
16:12:17.0372 6048 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:12:17.0404 6048 FsDepends - ok
16:12:17.0437 6048 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:12:17.0468 6048 Fs_Rec - ok
16:12:17.0529 6048 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:12:17.0576 6048 fvevol - ok
16:12:17.0603 6048 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:12:17.0635 6048 gagp30kx - ok
16:12:17.0717 6048 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
16:12:17.0748 6048 GameConsoleService - ok
16:12:17.0834 6048 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:12:17.0969 6048 gpsvc - ok
16:12:18.0074 6048 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:18.0101 6048 gupdate - ok
16:12:18.0118 6048 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:18.0143 6048 gupdatem - ok
16:12:18.0163 6048 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:12:18.0225 6048 hcw85cir - ok
16:12:18.0279 6048 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:12:18.0334 6048 HDAudBus - ok
16:12:18.0364 6048 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:12:18.0393 6048 HidBatt - ok
16:12:18.0424 6048 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:12:18.0478 6048 HidBth - ok
16:12:18.0501 6048 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:12:18.0537 6048 HidIr - ok
16:12:18.0567 6048 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:12:18.0677 6048 hidserv - ok
16:12:18.0738 6048 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:12:18.0768 6048 HidUsb - ok
16:12:18.0859 6048 HiPatchService (5a457c3d00c1c701230a12aa1580114d) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
16:12:18.0920 6048 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
16:12:18.0920 6048 HiPatchService - detected UnsignedFile.Multi.Generic (1)
16:12:18.0957 6048 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:12:19.0064 6048 hkmsvc - ok
16:12:19.0129 6048 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:12:19.0203 6048 HomeGroupListener - ok
16:12:19.0253 6048 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:12:19.0304 6048 HomeGroupProvider - ok
16:12:19.0395 6048 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:12:19.0419 6048 HP Support Assistant Service - ok
16:12:19.0468 6048 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:12:19.0492 6048 HPDrvMntSvc.exe - ok
16:12:19.0559 6048 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:12:19.0617 6048 hpqwmiex - ok
16:12:19.0686 6048 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:12:19.0717 6048 HpSAMD - ok
16:12:19.0808 6048 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:12:19.0916 6048 HTTP - ok
16:12:19.0962 6048 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:12:19.0990 6048 hwpolicy - ok
16:12:20.0039 6048 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:12:20.0069 6048 i8042prt - ok
16:12:20.0140 6048 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:12:20.0192 6048 iaStorV - ok
16:12:20.0328 6048 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:12:20.0395 6048 idsvc - ok
16:12:20.0425 6048 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:12:20.0457 6048 iirsp - ok
16:12:20.0555 6048 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:12:20.0697 6048 IKEEXT - ok
16:12:20.0916 6048 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
16:12:21.0066 6048 IntcAzAudAddService - ok
16:12:21.0202 6048 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:12:21.0230 6048 intelide - ok
16:12:21.0268 6048 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:12:21.0310 6048 intelppm - ok
16:12:21.0354 6048 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:12:21.0470 6048 IPBusEnum - ok
16:12:21.0522 6048 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:12:21.0623 6048 IpFilterDriver - ok
16:12:21.0684 6048 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:12:21.0801 6048 iphlpsvc - ok
16:12:21.0842 6048 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:12:21.0893 6048 IPMIDRV - ok
16:12:21.0937 6048 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:12:22.0041 6048 IPNAT - ok
16:12:22.0074 6048 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:12:22.0113 6048 IRENUM - ok
16:12:22.0139 6048 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:12:22.0167 6048 isapnp - ok
16:12:22.0216 6048 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:12:22.0256 6048 iScsiPrt - ok
16:12:22.0302 6048 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:12:22.0332 6048 kbdclass - ok
16:12:22.0384 6048 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
16:12:22.0414 6048 kbdhid - ok
16:12:22.0456 6048 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:12:22.0485 6048 KeyIso - ok
16:12:22.0531 6048 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
16:12:22.0563 6048 KSecDD - ok
16:12:22.0626 6048 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
16:12:22.0660 6048 KSecPkg - ok
16:12:22.0671 6048 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:12:22.0780 6048 ksthunk - ok
16:12:22.0834 6048 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:12:22.0958 6048 KtmRm - ok
16:12:23.0031 6048 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
16:12:23.0143 6048 LanmanServer - ok
16:12:23.0186 6048 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:12:23.0294 6048 LanmanWorkstation - ok
16:12:23.0726 6048 LeapFrog Connect Device Service (3daeb081420a871224fb6573ac5707f5) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
16:12:24.0251 6048 LeapFrog Connect Device Service - ok
16:12:24.0327 6048 LightScribeService (2238b91ac1a12cc6cc4c4fed41258b2a) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:12:24.0357 6048 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
16:12:24.0357 6048 LightScribeService - detected UnsignedFile.Multi.Generic (1)
16:12:24.0502 6048 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:12:24.0614 6048 lltdio - ok
16:12:24.0678 6048 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:12:24.0816 6048 lltdsvc - ok
16:12:24.0839 6048 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:12:24.0928 6048 lmhosts - ok
16:12:24.0984 6048 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:12:25.0017 6048 LSI_FC - ok
16:12:25.0072 6048 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:12:25.0105 6048 LSI_SAS - ok
16:12:25.0126 6048 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:12:25.0157 6048 LSI_SAS2 - ok
16:12:25.0185 6048 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:12:25.0218 6048 LSI_SCSI - ok
16:12:25.0258 6048 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:12:25.0363 6048 luafv - ok
16:12:25.0408 6048 LVPr2M64 (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys
16:12:25.0476 6048 LVPr2M64 - ok
16:12:25.0485 6048 LVPr2Mon (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys
16:12:25.0508 6048 LVPr2Mon - ok
16:12:25.0571 6048 LVPrcS64 (a35679e56e78091e1042a2d7adbf2958) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
16:12:25.0601 6048 LVPrcS64 - ok
16:12:25.0653 6048 LVRS64 (986c1cb787a007baa5f74e7d316d7246) C:\Windows\system32\DRIVERS\lvrs64.sys
16:12:25.0700 6048 LVRS64 - ok
16:12:26.0071 6048 LVUVC64 (5747bc465abea2858c5d037252aed84e) C:\Windows\system32\DRIVERS\lvuvc64.sys
16:12:26.0404 6048 LVUVC64 - ok
16:12:26.0481 6048 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
16:12:26.0516 6048 McciCMService ( UnsignedFile.Multi.Generic ) - warning
16:12:26.0516 6048 McciCMService - detected UnsignedFile.Multi.Generic (1)
16:12:26.0623 6048 McciCMService64 (859e5a32485178daeca06b52e2bb44b2) C:\Program Files\Common Files\Motive\McciCMService.exe
16:12:26.0671 6048 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning
16:12:26.0671 6048 McciCMService64 - detected UnsignedFile.Multi.Generic (1)
16:12:26.0777 6048 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:12:26.0812 6048 Mcx2Svc - ok
16:12:26.0854 6048 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:12:26.0884 6048 megasas - ok
16:12:26.0926 6048 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:12:26.0968 6048 MegaSR - ok
16:12:27.0010 6048 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:12:27.0102 6048 MMCSS - ok
16:12:27.0139 6048 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:12:27.0243 6048 Modem - ok
16:12:27.0281 6048 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:12:27.0316 6048 monitor - ok
16:12:27.0356 6048 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:12:27.0387 6048 mouclass - ok
16:12:27.0422 6048 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:12:27.0467 6048 mouhid - ok
16:12:27.0513 6048 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:12:27.0544 6048 mountmgr - ok
16:12:27.0669 6048 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:12:27.0699 6048 MozillaMaintenance - ok
16:12:27.0778 6048 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
16:12:27.0816 6048 MpFilter - ok
16:12:27.0858 6048 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:12:27.0893 6048 mpio - ok
16:12:27.0920 6048 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:12:28.0012 6048 mpsdrv - ok
16:12:28.0101 6048 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:12:28.0240 6048 MpsSvc - ok
16:12:28.0311 6048 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
16:12:28.0336 6048 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
16:12:28.0336 6048 MREMP50 - detected UnsignedFile.Multi.Generic (1)
16:12:28.0392 6048 MREMP50a64 - ok
16:12:28.0401 6048 MREMPR5 - ok
16:12:28.0411 6048 MRENDIS5 - ok
16:12:28.0443 6048 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
16:12:28.0467 6048 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
16:12:28.0468 6048 MRESP50 - detected UnsignedFile.Multi.Generic (1)
16:12:28.0475 6048 MRESP50a64 - ok
16:12:28.0516 6048 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:12:28.0582 6048 MRxDAV - ok
16:12:28.0638 6048 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:12:28.0710 6048 mrxsmb - ok
16:12:28.0766 6048 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:12:28.0837 6048 mrxsmb10 - ok
16:12:28.0910 6048 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:12:28.0954 6048 mrxsmb20 - ok
16:12:28.0992 6048 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:12:29.0021 6048 msahci - ok
16:12:29.0073 6048 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:12:29.0108 6048 msdsm - ok
16:12:29.0144 6048 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:12:29.0198 6048 MSDTC - ok
16:12:29.0244 6048 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:12:29.0334 6048 Msfs - ok
16:12:29.0348 6048 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:12:29.0454 6048 mshidkmdf - ok
16:12:29.0501 6048 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:12:29.0530 6048 msisadrv - ok
16:12:29.0579 6048 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:12:29.0673 6048 MSiSCSI - ok
16:12:29.0680 6048 msiserver - ok
16:12:29.0720 6048 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:12:29.0821 6048 MSKSSRV - ok
16:12:29.0906 6048 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:12:29.0936 6048 MsMpSvc - ok
16:12:29.0951 6048 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:12:30.0049 6048 MSPCLOCK - ok
16:12:30.0071 6048 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:12:30.0171 6048 MSPQM - ok
16:12:30.0232 6048 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:12:30.0284 6048 MsRPC - ok
16:12:30.0327 6048 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:12:30.0356 6048 mssmbios - ok
16:12:30.0380 6048 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:12:30.0492 6048 MSTEE - ok
16:12:30.0521 6048 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:12:30.0550 6048 MTConfig - ok
16:12:30.0581 6048 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:12:30.0614 6048 Mup - ok
16:12:30.0678 6048 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:12:30.0803 6048 napagent - ok
16:12:30.0850 6048 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:12:30.0934 6048 NativeWifiP - ok
16:12:31.0031 6048 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:12:31.0099 6048 NDIS - ok
16:12:31.0122 6048 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:12:31.0214 6048 NdisCap - ok
16:12:31.0235 6048 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:12:31.0327 6048 NdisTapi - ok
16:12:31.0376 6048 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:12:31.0477 6048 Ndisuio - ok
16:12:31.0525 6048 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:12:31.0634 6048 NdisWan - ok
16:12:31.0690 6048 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:12:31.0778 6048 NDProxy - ok
16:12:31.0794 6048 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:12:31.0901 6048 NetBIOS - ok
16:12:31.0969 6048 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:12:32.0072 6048 NetBT - ok
16:12:32.0111 6048 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:12:32.0139 6048 Netlogon - ok
16:12:32.0197 6048 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:12:32.0324 6048 Netman - ok
16:12:32.0378 6048 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:12:32.0507 6048 netprofm - ok
16:12:32.0595 6048 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:12:32.0623 6048 NetTcpPortSharing - ok
16:12:32.0671 6048 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:12:32.0701 6048 nfrd960 - ok
16:12:32.0747 6048 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:12:32.0775 6048 NisDrv - ok
16:12:32.0886 6048 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:12:32.0930 6048 NisSrv - ok
16:12:32.0978 6048 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:12:33.0084 6048 NlaSvc - ok
16:12:33.0112 6048 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:12:33.0201 6048 Npfs - ok
16:12:33.0229 6048 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:12:33.0332 6048 nsi - ok
16:12:33.0360 6048 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:12:33.0464 6048 nsiproxy - ok
16:12:33.0616 6048 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:12:33.0722 6048 Ntfs - ok
16:12:33.0803 6048 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:12:33.0912 6048 Null - ok
16:12:33.0978 6048 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:12:34.0013 6048 nvraid - ok
16:12:34.0059 6048 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:12:34.0093 6048 nvstor - ok
16:12:34.0131 6048 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:12:34.0164 6048 nv_agp - ok
16:12:34.0200 6048 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:12:34.0250 6048 ohci1394 - ok
16:12:34.0346 6048 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:12:34.0375 6048 ose - ok
16:12:34.0741 6048 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:12:35.0007 6048 osppsvc - ok
16:12:35.0137 6048 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:12:35.0187 6048 p2pimsvc - ok
16:12:35.0230 6048 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:12:35.0296 6048 p2psvc - ok
16:12:35.0358 6048 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:12:35.0388 6048 Parport - ok
16:12:35.0426 6048 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:12:35.0457 6048 partmgr - ok
16:12:35.0484 6048 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:12:35.0543 6048 PcaSvc - ok
16:12:35.0596 6048 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:12:35.0630 6048 pci - ok
16:12:35.0668 6048 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:12:35.0697 6048 pciide - ok
16:12:35.0728 6048 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:12:35.0765 6048 pcmcia - ok
16:12:35.0798 6048 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:12:35.0828 6048 pcw - ok
16:12:35.0885 6048 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:12:36.0008 6048 PEAUTH - ok
16:12:36.0127 6048 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:12:36.0180 6048 PerfHost - ok
16:12:36.0408 6048 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:12:36.0548 6048 pla - ok
16:12:36.0627 6048 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:12:36.0707 6048 PlugPlay - ok
16:12:36.0729 6048 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:12:36.0759 6048 PNRPAutoReg - ok
16:12:36.0793 6048 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:12:36.0829 6048 PNRPsvc - ok
16:12:36.0876 6048 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:12:36.0987 6048 PolicyAgent - ok
16:12:37.0017 6048 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:12:37.0132 6048 Power - ok
16:12:37.0200 6048 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:12:37.0305 6048 PptpMiniport - ok
16:12:37.0340 6048 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:12:37.0391 6048 Processor - ok
16:12:37.0462 6048 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:12:37.0529 6048 ProfSvc - ok
16:12:37.0567 6048 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:12:37.0595 6048 ProtectedStorage - ok
16:12:37.0639 6048 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:12:37.0745 6048 Psched - ok
16:12:37.0890 6048 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:12:37.0997 6048 ql2300 - ok
16:12:38.0104 6048 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:12:38.0138 6048 ql40xx - ok
16:12:38.0180 6048 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:12:38.0232 6048 QWAVE - ok
16:12:38.0267 6048 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:12:38.0326 6048 QWAVEdrv - ok
16:12:38.0347 6048 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:12:38.0437 6048 RasAcd - ok
16:12:38.0463 6048 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:12:38.0552 6048 RasAgileVpn - ok
16:12:38.0569 6048 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:12:38.0681 6048 RasAuto - ok
16:12:38.0723 6048 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:12:38.0811 6048 Rasl2tp - ok
16:12:38.0879 6048 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:12:38.0987 6048 RasMan - ok
16:12:39.0029 6048 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:12:39.0121 6048 RasPppoe - ok
16:12:39.0142 6048 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:12:39.0234 6048 RasSstp - ok
16:12:39.0289 6048 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:12:39.0397 6048 rdbss - ok
16:12:39.0428 6048 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:12:39.0484 6048 rdpbus - ok
16:12:39.0502 6048 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:12:39.0592 6048 RDPCDD - ok
16:12:39.0624 6048 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:12:39.0731 6048 RDPENCDD - ok
16:12:39.0754 6048 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:12:39.0842 6048 RDPREFMP - ok
16:12:39.0887 6048 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:12:39.0935 6048 RDPWD - ok
16:12:39.0990 6048 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:12:40.0028 6048 rdyboost - ok
16:12:40.0064 6048 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:12:40.0179 6048 RemoteAccess - ok
16:12:40.0213 6048 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:12:40.0315 6048 RemoteRegistry - ok
16:12:40.0340 6048 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:12:40.0456 6048 RpcEptMapper - ok
16:12:40.0490 6048 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:12:40.0537 6048 RpcLocator - ok
16:12:40.0612 6048 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
16:12:40.0713 6048 RpcSs - ok
16:12:40.0756 6048 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:12:40.0866 6048 rspndr - ok
16:12:40.0932 6048 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:12:40.0979 6048 RTL8167 - ok
16:12:41.0024 6048 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:12:41.0053 6048 SamSs - ok
16:12:41.0109 6048 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:12:41.0142 6048 sbp2port - ok
16:12:41.0192 6048 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:12:41.0289 6048 SCardSvr - ok
16:12:41.0330 6048 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:12:41.0432 6048 scfilter - ok
16:12:41.0539 6048 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:12:41.0681 6048 Schedule - ok
16:12:41.0729 6048 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:12:41.0816 6048 SCPolicySvc - ok
16:12:41.0852 6048 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:12:41.0926 6048 SDRSVC - ok
16:12:41.0997 6048 SeaPort (d358e077a0a05d9b12da22d137ee8464) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
16:12:42.0028 6048 SeaPort - ok
16:12:42.0083 6048 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:12:42.0182 6048 secdrv - ok
16:12:42.0223 6048 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:12:42.0310 6048 seclogon - ok
16:12:42.0338 6048 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:12:42.0448 6048 SENS - ok
16:12:42.0485 6048 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:12:42.0528 6048 SensrSvc - ok
16:12:42.0549 6048 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:12:42.0600 6048 Serenum - ok
16:12:42.0642 6048 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:12:42.0673 6048 Serial - ok
16:12:42.0712 6048 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:12:42.0758 6048 sermouse - ok
16:12:42.0908 6048 ServicepointService (b041aae7a14a0db47583f9c866b8b2ea) C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
16:12:42.0978 6048 ServicepointService - ok
16:12:43.0025 6048 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:12:43.0130 6048 SessionEnv - ok
16:12:43.0169 6048 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:12:43.0231 6048 sffdisk - ok
16:12:43.0253 6048 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:12:43.0281 6048 sffp_mmc - ok
16:12:43.0298 6048 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:12:43.0352 6048 sffp_sd - ok
16:12:43.0372 6048 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:12:43.0421 6048 sfloppy - ok
16:12:43.0488 6048 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:12:43.0606 6048 SharedAccess - ok
16:12:43.0673 6048 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:12:43.0801 6048 ShellHWDetection - ok
16:12:43.0831 6048 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:12:43.0861 6048 SiSRaid2 - ok
16:12:43.0879 6048 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:12:43.0911 6048 SiSRaid4 - ok
16:12:44.0004 6048 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:12:44.0032 6048 SkypeUpdate - ok
16:12:44.0074 6048 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:12:44.0175 6048 Smb - ok
16:12:44.0226 6048 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:12:44.0281 6048 SNMPTRAP - ok
16:12:44.0306 6048 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:12:44.0335 6048 spldr - ok
16:12:44.0391 6048 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:12:44.0501 6048 Spooler - ok
16:12:44.0745 6048 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:12:44.0999 6048 sppsvc - ok
16:12:45.0081 6048 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:12:45.0198 6048 sppuinotify - ok
16:12:45.0275 6048 sprtsvc_verizondm - ok
16:12:45.0358 6048 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:12:45.0454 6048 srv - ok
16:12:45.0518 6048 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:12:45.0564 6048 srv2 - ok
16:12:45.0588 6048 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:12:45.0637 6048 srvnet - ok
16:12:45.0678 6048 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:12:45.0792 6048 SSDPSRV - ok
16:12:45.0820 6048 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:12:45.0913 6048 SstpSvc - ok
16:12:45.0967 6048 Steam Client Service - ok
16:12:46.0010 6048 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:12:46.0040 6048 stexstor - ok
16:12:46.0123 6048 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:12:46.0215 6048 stisvc - ok
16:12:46.0278 6048 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:12:46.0307 6048 swenum - ok
16:12:46.0392 6048 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:12:46.0508 6048 swprv - ok
16:12:46.0657 6048 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:12:46.0782 6048 SysMain - ok
16:12:46.0907 6048 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:12:46.0954 6048 TabletInputService - ok
16:12:47.0001 6048 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:12:47.0122 6048 TapiSrv - ok
16:12:47.0147 6048 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:12:47.0239 6048 TBS - ok
16:12:47.0421 6048 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:12:47.0542 6048 Tcpip - ok
16:12:47.0717 6048 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:12:47.0816 6048 TCPIP6 - ok
16:12:47.0937 6048 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:12:48.0044 6048 tcpipreg - ok
16:12:48.0078 6048 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:12:48.0139 6048 TDPIPE - ok
16:12:48.0185 6048 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:12:48.0230 6048 TDTCP - ok
16:12:48.0294 6048 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:12:48.0381 6048 tdx - ok
16:12:48.0618 6048 TeamViewer6 (1c46c27e9f1938b9589859c70450d275) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
16:12:48.0753 6048 TeamViewer6 - ok
16:12:48.0878 6048 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:12:48.0908 6048 TermDD - ok
16:12:48.0969 6048 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:12:49.0102 6048 TermService - ok
16:12:49.0130 6048 tgsrvc_verizondm - ok
16:12:49.0169 6048 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:12:49.0224 6048 Themes - ok
16:12:49.0254 6048 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:12:49.0345 6048 THREADORDER - ok
16:12:49.0369 6048 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:12:49.0462 6048 TrkWks - ok
16:12:49.0518 6048 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:12:49.0608 6048 TrustedInstaller - ok
16:12:49.0633 6048 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:12:49.0734 6048 tssecsrv - ok
16:12:49.0776 6048 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:12:49.0817 6048 TsUsbFlt - ok
16:12:49.0867 6048 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:12:49.0967 6048 tunnel - ok
16:12:50.0012 6048 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:12:50.0043 6048 uagp35 - ok
16:12:50.0085 6048 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:12:50.0189 6048 udfs - ok
16:12:50.0234 6048 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:12:50.0268 6048 UI0Detect - ok
16:12:50.0303 6048 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:12:50.0334 6048 uliagpkx - ok
16:12:50.0379 6048 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:12:50.0424 6048 umbus - ok
16:12:50.0464 6048 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:12:50.0509 6048 UmPass - ok
16:12:50.0559 6048 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:12:50.0688 6048 upnphost - ok
16:12:50.0739 6048 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:12:50.0777 6048 usbaudio - ok
16:12:50.0820 6048 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:12:50.0876 6048 usbccgp - ok
16:12:50.0932 6048 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:12:50.0968 6048 usbcir - ok
16:12:51.0013 6048 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:12:51.0041 6048 usbehci - ok
16:12:51.0071 6048 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
16:12:51.0097 6048 usbfilter - ok
16:12:51.0167 6048 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:12:51.0220 6048 usbhub - ok
16:12:51.0276 6048 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
16:12:51.0336 6048 usbohci - ok
16:12:51.0363 6048 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:12:51.0418 6048 usbprint - ok
16:12:51.0451 6048 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:12:51.0489 6048 USBSTOR - ok
16:12:51.0507 6048 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:12:51.0548 6048 usbuhci - ok
16:12:51.0612 6048 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:12:51.0652 6048 usbvideo - ok
16:12:51.0692 6048 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:12:51.0800 6048 UxSms - ok
16:12:51.0855 6048 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:12:51.0883 6048 VaultSvc - ok
16:12:51.0926 6048 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:12:51.0956 6048 vdrvroot - ok
16:12:52.0029 6048 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:12:52.0160 6048 vds - ok
16:12:52.0198 6048 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:12:52.0232 6048 vga - ok
16:12:52.0263 6048 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:12:52.0351 6048 VgaSave - ok
16:12:52.0404 6048 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:12:52.0442 6048 vhdmp - ok
16:12:52.0478 6048 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:12:52.0506 6048 viaide - ok
16:12:52.0546 6048 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:12:52.0577 6048 volmgr - ok
16:12:52.0638 6048 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:12:52.0680 6048 volmgrx - ok
16:12:52.0733 6048 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:12:52.0776 6048 volsnap - ok
16:12:52.0807 6048 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:12:52.0843 6048 vsmraid - ok
16:12:52.0976 6048 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:12:53.0139 6048 VSS - ok
16:12:53.0234 6048 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:12:53.0288 6048 vwifibus - ok
16:12:53.0312 6048 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:12:53.0352 6048 vwififlt - ok
16:12:53.0387 6048 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:12:53.0426 6048 vwifimp - ok
16:12:53.0482 6048 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:12:53.0588 6048 W32Time - ok
16:12:53.0616 6048 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:12:53.0646 6048 WacomPen - ok
16:12:53.0685 6048 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:12:53.0786 6048 WANARP - ok
16:12:53.0794 6048 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:12:53.0879 6048 Wanarpv6 - ok
16:12:53.0996 6048 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:12:54.0083 6048 WatAdminSvc - ok
16:12:54.0199 6048 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:12:54.0318 6048 wbengine - ok
16:12:54.0425 6048 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:12:54.0473 6048 WbioSrvc - ok
16:12:54.0509 6048 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:12:54.0571 6048 wcncsvc - ok
16:12:54.0595 6048 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:12:54.0627 6048 WcsPlugInService - ok
16:12:54.0671 6048 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:12:54.0700 6048 Wd - ok
16:12:54.0772 6048 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:12:54.0841 6048 Wdf01000 - ok
16:12:54.0860 6048 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:12:54.0945 6048 WdiServiceHost - ok
16:12:54.0952 6048 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:12:54.0997 6048 WdiSystemHost - ok
16:12:55.0059 6048 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:12:55.0130 6048 WebClient - ok
16:12:55.0168 6048 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:12:55.0266 6048 Wecsvc - ok
16:12:55.0282 6048 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:12:55.0391 6048 wercplsupport - ok
16:12:55.0433 6048 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:12:55.0545 6048 WerSvc - ok
16:12:55.0622 6048 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:12:55.0710 6048 WfpLwf - ok
16:12:55.0732 6048 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:12:55.0761 6048 WIMMount - ok
16:12:55.0779 6048 WinDefend - ok
16:12:55.0793 6048 WinHttpAutoProxySvc - ok
16:12:55.0853 6048 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:12:55.0947 6048 Winmgmt - ok
16:12:56.0111 6048 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:12:56.0282 6048 WinRM - ok
16:12:56.0411 6048 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
16:12:56.0463 6048 WinUSB - ok
16:12:56.0564 6048 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:12:56.0648 6048 Wlansvc - ok
16:12:56.0747 6048 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:12:56.0772 6048 wlcrasvc - ok
16:12:56.0971 6048 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:12:57.0105 6048 wlidsvc - ok
16:12:57.0186 6048 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:12:57.0213 6048 WmiAcpi - ok
16:12:57.0292 6048 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:12:57.0340 6048 wmiApSrv - ok
16:12:57.0383 6048 WMPNetworkSvc - ok
16:12:57.0485 6048 WMZuneComm (45de51db0950a4b8595520ef0bafcff1) c:\Program Files\Zune\WMZuneComm.exe
16:12:57.0539 6048 WMZuneComm - ok
16:12:57.0573 6048 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:12:57.0610 6048 WPCSvc - ok
16:12:57.0650 6048 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:12:57.0688 6048 WPDBusEnum - ok
16:12:57.0707 6048 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:12:57.0794 6048 ws2ifsl - ok
16:12:57.0817 6048 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
16:12:57.0880 6048 wscsvc - ok
16:12:57.0887 6048 WSearch - ok
16:12:58.0083 6048 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:12:58.0234 6048 wuauserv - ok
16:12:58.0359 6048 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:12:58.0462 6048 WudfPf - ok
16:12:58.0508 6048 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:12:58.0612 6048 WUDFRd - ok
16:12:58.0651 6048 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:12:58.0742 6048 wudfsvc - ok
16:12:58.0773 6048 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:12:58.0836 6048 WwanSvc - ok
16:12:59.0356 6048 ZuneNetworkSvc (b79c2ce5340a5eca38ca1f74aa445d2b) c:\Program Files\Zune\ZuneNss.exe
16:12:59.0780 6048 ZuneNetworkSvc - ok
16:12:59.0994 6048 ZuneWlanCfgSvc (e2859aea054422fe40517179ae867c2d) c:\Windows\system32\ZuneWlanCfgSvc.exe
16:13:00.0057 6048 ZuneWlanCfgSvc - ok
16:13:00.0143 6048 {55662437-DA8C-40c0-AADA-2C816A897A49} (74983addca2d9618512c088d856d6615) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
16:13:00.0173 6048 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
16:13:00.0198 6048 MBR (0x1B8) (9b8685c1aa1ea1781be9d92c7b1b495f) \Device\Harddisk0\DR0
16:13:00.0531 6048 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:13:00.0531 6048 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:13:00.0539 6048 Boot (0x1200) (edaaf848bbd6a62bc9f9112dc69ae3a0) \Device\Harddisk0\DR0\Partition0
16:13:00.0542 6048 \Device\Harddisk0\DR0\Partition0 - ok
16:13:00.0588 6048 Boot (0x1200) (d6e5a30d6b4346afcf902a5956123741) \Device\Harddisk0\DR0\Partition1
16:13:00.0591 6048 \Device\Harddisk0\DR0\Partition1 - ok
16:13:00.0629 6048 Boot (0x1200) (2b6f69d9c5a812427f2f0ee86dfb8bb8) \Device\Harddisk0\DR0\Partition2
16:13:00.0632 6048 \Device\Harddisk0\DR0\Partition2 - ok
16:13:00.0633 6048 ============================================================
16:13:00.0633 6048 Scan finished
16:13:00.0633 6048 ============================================================
16:13:00.0658 2616 Detected object count: 8
16:13:00.0658 2616 Actual detected object count: 8
16:13:17.0100 2616 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - skipped by user
16:13:17.0100 2616 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:13:17.0104 2616 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
16:13:17.0104 2616 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:13:17.0107 2616 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:13:17.0107 2616 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:13:17.0111 2616 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
16:13:17.0111 2616 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:13:17.0114 2616 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:13:17.0114 2616 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:13:17.0118 2616 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
16:13:17.0118 2616 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:13:17.0122 2616 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
16:13:17.0122 2616 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:13:17.0125 2616 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:13:17.0126 2616 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#29
Essexboy

Posted 04 August 2012 - 02:21 PM

GeekU Moderator

Retired Staff
69,964 posts

Re-run TDSSKiller with the same parameters
Then when you see the following select delete :

\Device\Harddisk0\DR0 ( TDSS File System )

THEN

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Select All Users
Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
CREATERESTOREPOINT
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Post both logs

#30
Ren12

Posted 04 August 2012 - 02:50 PM

Member

Topic Starter
Member
180 posts

OTL logfile created on: 8/4/2012 4:25:50 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Renato\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.72 Gb Available Physical Memory | 71.53% Memory free
15.98 Gb Paging File | 11.03 Gb Available in Paging File | 69.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.67 Gb Total Space | 742.31 Gb Free Space | 80.72% Space Free | Partition Type: NTFS
Drive D: | 11.56 Gb Total Space | 1.58 Gb Free Space | 13.66% Space Free | Partition Type: NTFS

Computer Name: RENATO-PC | User Name: Renato | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/04 16:25:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Renato\Downloads\OTL.exe
PRC - [2012/08/01 14:19:01 | 000,529,232 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/07/31 01:36:16 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/07/30 22:40:15 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
PRC - [2012/07/20 17:29:44 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/07/12 22:31:52 | 000,038,744 | ---- | M] (NCSoft) -- C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe
PRC - [2011/08/30 12:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/08/02 20:41:47 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/06/06 15:06:12 | 000,251,744 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2011/06/06 14:26:54 | 006,132,576 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
PRC - [2011/01/10 12:56:32 | 004,318,520 | ---- | M] (Verizon) -- C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe
PRC - [2011/01/10 12:56:32 | 000,488,760 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\VerizonServicepointComHandler.exe
PRC - [2010/11/20 08:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/10/29 16:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
PRC - [2010/09/02 05:46:18 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2010/09/02 05:46:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2010/09/02 05:46:04 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
PRC - [2010/03/17 16:53:24 | 000,207,872 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
PRC - [2009/12/01 23:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/14 16:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 16:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 04:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/09/19 18:40:54 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/09/19 18:40:48 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/09/19 18:39:06 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/09/19 18:38:48 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2009/08/24 22:11:15 | 000,656,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2009/06/03 16:35:16 | 000,430,080 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2009/04/23 07:29:18 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 07:29:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009/01/08 09:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/01 14:18:58 | 020,316,496 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/08/01 14:18:49 | 000,900,944 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/08/01 14:18:48 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/08/01 14:18:48 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/08/01 14:18:48 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/07/31 01:36:14 | 000,442,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll
MOD - [2012/07/31 01:36:13 | 012,235,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
MOD - [2012/07/31 01:36:12 | 003,997,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\pdf.dll
MOD - [2012/07/31 01:34:57 | 000,526,872 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\libglesv2.dll
MOD - [2012/07/31 01:34:55 | 000,104,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\libegl.dll
MOD - [2012/07/31 01:34:45 | 000,144,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\avutil-51.dll
MOD - [2012/07/31 01:34:43 | 000,266,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\avformat-54.dll
MOD - [2012/07/31 01:34:42 | 002,480,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll
MOD - [2012/07/30 22:40:15 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
MOD - [2012/07/20 17:29:38 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/07/12 22:31:55 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\NCSoft\Launcher\UnRar.Net.dll
MOD - [2012/07/12 22:31:53 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\NCSoft\Launcher\NC.Logging.dll
MOD - [2012/06/14 03:31:55 | 010,580,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c144f89b1f8f292d6940a1b2f8ffbec\System.Design.ni.dll
MOD - [2012/06/14 03:31:40 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/14 03:31:28 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:31:23 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/14 03:31:20 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/05/11 03:38:42 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/11 03:35:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/11 03:35:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 03:35:42 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012/05/11 03:35:18 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll
MOD - [2012/05/11 03:35:06 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/11 03:35:04 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
MOD - [2012/05/11 03:35:02 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 03:34:59 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/11 03:34:58 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 03:34:48 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/03/08 16:36:24 | 012,290,432 | ---- | M] () -- C:\Users\Renato\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2012/03/08 16:36:20 | 001,699,200 | ---- | M] () -- C:\Users\Renato\AppData\Roaming\PictureMover\EN-US\Presentation.dll
MOD - [2012/02/03 10:02:10 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2011/10/23 20:18:06 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2011/04/01 15:48:48 | 008,217,088 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2011/04/01 15:41:58 | 002,267,648 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2011/01/10 12:47:40 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Verizon\VSP\Windows7Features.dll
MOD - [2010/11/04 21:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/10/29 16:02:38 | 000,751,616 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll
MOD - [2010/10/29 16:01:30 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\SDL.dll
MOD - [2009/12/01 23:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/10/14 16:39:58 | 001,421,656 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\videoc.dll
MOD - [2009/10/14 16:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 16:36:34 | 000,181,592 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LvApi11\LvApi11.dll
MOD - [2009/10/14 16:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2009/09/29 19:25:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/09/29 19:25:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/09/29 19:25:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/09/29 19:25:38 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/09/29 19:25:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/09/29 19:25:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/09/29 19:25:28 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/09/29 19:25:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/07/13 21:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/04/22 17:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/16 14:02:16 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/04/09 19:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 18:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 18:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 18:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 18:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 18:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 18:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 18:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 18:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 18:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/01 02:58:10 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/24 13:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/09/24 13:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/09/24 13:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/10/07 04:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/03 01:11:01 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/01 14:19:01 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/20 17:29:44 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/05 15:50:06 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/02/16 15:31:12 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/08/30 12:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/06/06 14:26:54 | 006,132,576 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2010/09/02 05:46:18 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm)
SRV - [2010/09/02 05:46:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm)
SRV - [2010/06/18 21:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/19 18:39:06 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/01 05:12:38 | 009,320,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/06/01 05:12:38 | 009,320,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/01 02:19:14 | 000,306,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/29 07:31:18 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/01/28 13:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/10/07 11:49:28 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2009/10/07 09:47:46 | 000,327,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/10/07 04:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 04:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/10/06 09:49:14 | 000,230,456 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/08/20 20:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 06:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/04/03 10:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/09/17 21:41:28 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/07 10:18:53] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {C9B3E73D-3E54-4289-821F-DF4FC0BA4351}
IE:64bit: - HKLM\..\SearchScopes\{8365DB78-A617-4110-B550-5E692367EC58}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C9B3E73D-3E54-4289-821F-DF4FC0BA4351}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope = {C9B3E73D-3E54-4289-821F-DF4FC0BA4351}
IE - HKLM\..\SearchScopes\{8365DB78-A617-4110-B550-5E692367EC58}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{C9B3E73D-3E54-4289-821F-DF4FC0BA4351}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alothome.com/en
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\SearchScopes,DefaultScope = {C9B3E73D-3E54-4289-821F-DF4FC0BA4351}
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\SearchScopes\{8365DB78-A617-4110-B550-5E692367EC58}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.c...on=1.1.3001.0(B)
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\SearchScopes\{C9B3E73D-3E54-4289-821F-DF4FC0BA4351}: "URL" = http://www.gobrs.com...=t&rls=ergWfHzj
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..keyword.URL: "http://www.gobrs.com...ls=ergWfHzj&q="

FF - user.js..keyword.URL: "http://www.gobrs.com...ls=ergWfHzj&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\Users\Renato\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 17:29:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/31 17:23:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 17:29:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/31 17:23:34 | 000,000,000 | ---D | M]

[2010/07/11 17:37:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Renato\AppData\Roaming\Mozilla\Extensions
[2012/06/27 00:21:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\extensions
[2010/08/24 16:17:24 | 000,002,197 | ---- | M] () -- C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\searchplugins\google-search.xml
[2012/01/12 08:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/27 17:04:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[1832/11/29 00:37:17 | 000,004,819 | ---- | M] () (No name found) -- C:\USERS\RENATO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\04UEBT4X.DEFAULT\EXTENSIONS\[email protected]
[2012/07/20 17:29:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/19 11:30:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/19 11:30:33 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Renato\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Verizon Servicepoint (Enabled) = C:\Program Files (x86)\Verizon\VSP\nprpspa.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Power Challenge Loader (Enabled) = C:\Users\Renato\AppData\LocalLow\POWERC~1\nppowerloader.dll
CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/31 17:06:41 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll File not found
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe (Desura Pty Ltd)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [NCsoft Launcher] C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe (NCSoft)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [Octoshape Streaming Services] C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A5AFBFE-0AEC-4C60-BB67-C7A8524E9C34}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C50C78B9-022C-4CA0-8F29-AC858A9CCC9F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/04 16:24:04 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/04 15:57:54 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{EE182234-E52C-4C96-86C5-DC47205226B6}
[2012/08/04 15:57:21 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{698CA2AF-1DE7-4358-80DB-1819C3B1BACD}
[2012/08/03 18:35:34 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{9F3F4ED6-EFA1-4893-A773-86572A03D05A}
[2012/08/03 18:35:00 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{3F77F8BB-04F2-4540-8471-73047E106787}
[2012/08/03 06:34:35 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{0D5D6AE2-11F5-4030-81E5-77A7D97B1A73}
[2012/08/03 06:34:01 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{ED9F9C01-9AE7-479B-B445-F7BD3269CFCA}
[2012/08/02 17:27:36 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{81447F91-46B6-4DDF-84A6-C6AF3D35A953}
[2012/08/02 17:27:03 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{1B9BD357-C349-480E-A851-876037E1CD6D}
[2012/08/01 16:10:05 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{1D2A3D58-B41E-40A8-B0B0-C2548071B4A7}
[2012/08/01 16:09:33 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{4733287C-79E1-4FEE-BDE4-AEA5DA268A6A}
[2012/07/31 19:50:25 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{86F58BD0-1F8C-4A2A-BFCA-FA9B99DC654F}
[2012/07/31 19:49:52 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{FD5BF2E8-6702-44B9-BAF5-A2C2EED770D3}
[2012/07/31 17:24:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/07/31 17:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/07/31 16:42:05 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Roaming\Malwarebytes
[2012/07/31 16:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/31 16:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/31 16:41:49 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/31 16:41:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/31 16:28:37 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/31 15:57:15 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/31 06:59:59 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{CB3EE67E-EDEE-45A5-ABF5-5C2E584575E6}
[2012/07/31 06:59:50 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{E5309293-9D27-4939-ACB8-409522CFAB66}
[2012/07/29 22:13:53 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{08F194F5-3235-4883-AD00-D0A0CDC3A8C6}
[2012/07/29 22:13:22 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8DB85C90-DE99-4048-A10C-DEEC2DA01CCB}
[2012/07/29 06:26:55 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{5E4579F1-3058-492D-9B33-672479E869CB}
[2012/07/29 06:26:20 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{C35732E9-3B94-4521-9E93-5F8578CC1BD8}
[2012/07/28 15:34:43 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{2BCA94A2-0A43-4362-B8FC-8BB1BD3B8660}
[2012/07/28 15:34:11 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{EC9CD37B-7426-4A07-8D03-CA6B52B5C847}
[2012/07/27 19:41:04 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{BF878FB7-C29F-4AF1-A5F6-62FBF2D89E48}
[2012/07/27 19:40:54 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{DC5A7017-AA96-4D88-BF29-82804F21F540}
[2012/07/26 18:03:29 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{0953F0B7-F522-467A-8CB0-CE6D36D0810E}
[2012/07/26 18:02:57 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F1A1A4EA-42C6-4F68-8E7F-AD061D31C214}
[2012/07/25 22:22:43 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{D61D9559-1BB1-4A3A-B764-B85BFF5DA972}
[2012/07/25 22:22:10 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{689C1BE4-1152-4795-8741-CFC3B081A0A1}
[2012/07/25 06:43:05 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F211A0A0-CE30-473B-8112-871DA9BF7CD4}
[2012/07/25 06:42:32 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{45D7295C-30F6-456A-8CDC-10589DF55B95}
[2012/07/24 11:40:15 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{EE062D01-6EC8-4F05-9F6F-AF78CDE515E5}
[2012/07/24 11:39:43 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{A2225D2D-718E-428C-BD41-A1D9510318F8}
[2012/07/23 20:30:31 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F993E5D9-46C9-4BF1-AAC7-A3D2B6BD90EB}
[2012/07/23 20:29:58 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{08DCFC46-93FB-4925-B3BF-F98F6D3FC105}
[2012/07/23 06:55:43 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8F37CA71-D385-434C-A4B7-1FC68DC51C38}
[2012/07/23 06:55:11 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{399341D9-8248-462F-8309-738AE1EF0D9B}
[2012/07/22 08:27:04 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{32DCC184-BBB6-4A61-8663-613231DA7895}
[2012/07/22 08:26:32 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{AFECE737-8979-45F1-A243-687A9BD6C00E}
[2012/07/21 15:30:16 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{9FB633F8-00D1-4EB7-ABCB-9D4A5A081F4E}
[2012/07/21 15:29:44 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{9A4C5213-57DB-413D-8E1E-A3FA35EE6E42}
[2012/07/20 18:55:30 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8D47C79F-88CD-4667-AC84-3D3D54068B95}
[2012/07/20 18:54:57 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{2ECA6445-E17E-4227-8DEB-F4F6C3DF56E6}
[2012/07/20 06:54:34 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{7D80C799-5D26-424A-BCD5-20B3B5745E72}
[2012/07/20 06:54:01 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{93CA45CD-603B-4271-A687-4CFA5C2C7939}
[2012/07/19 17:15:15 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F7CA6C51-8232-4149-AD11-5E5B44D2306B}
[2012/07/19 17:14:42 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{5C35817D-1C2C-469F-8CD4-7CC5A79F634F}
[2012/07/18 20:42:33 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{47B7F550-866B-49C1-94D4-EDEA627B2887}
[2012/07/18 20:42:00 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{335BAE51-6000-4775-860C-C4FB2AFA9DD8}
[2012/07/18 07:18:32 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{348E3299-DBB4-4A0E-9D3F-5CC9D049CABE}
[2012/07/18 07:17:59 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{FF991F12-01CC-4659-AAA9-850A63D5F05D}
[2012/07/17 18:38:02 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F69A53DB-71D1-4B67-9E15-B02E8178666F}
[2012/07/17 18:37:29 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8E5B31AA-C7C6-4CEB-8EDC-8E16ADE431FC}
[2012/07/17 06:37:04 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{78BF9AEB-710D-4010-AF43-76E7E338E218}
[2012/07/17 06:36:32 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{D749BEA5-2D19-4AE1-B507-8990B312D5AB}
[2012/07/16 18:36:08 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8E4E3DBB-96F0-4CB1-9DAF-2D9EFC1E5862}
[2012/07/16 18:35:36 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{67AFF1A2-1566-41F8-8D4F-E739D37019E6}
[2012/07/16 06:35:09 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{E27E175B-3597-49D4-A392-564303AF08B0}
[2012/07/16 06:34:37 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{6AD81CD4-8FCF-4195-8164-6E8D15AEC46B}
[2012/07/15 08:06:50 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{6F482A74-A341-4542-8943-17C39A599BA3}
[2012/07/15 08:06:16 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{35AABC18-A36C-4B78-B9A6-6EA1A6B76AC8}
[2012/07/14 14:50:35 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{7026B4F8-EE4A-494F-96C8-1BD7D59B5F8A}
[2012/07/14 14:50:03 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{20FDECEC-C179-4D8C-BE6D-B79598FBEA3B}
[2012/07/14 01:09:00 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Roaming\Media Player Classic
[2012/07/14 01:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combined Community Codec Pack
[2012/07/13 20:00:45 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{64E63576-FC60-44C8-A86E-C3BDA99DC946}
[2012/07/13 20:00:14 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{93F85059-D769-481B-B939-38BE2D5234E8}
[2012/07/13 06:48:14 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{E2CD4EA7-F47F-4298-B3E2-4F62D2296FCA}
[2012/07/13 06:47:42 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{DAAB0EF8-3826-48A6-9AE2-3391F01E6E5C}
[2012/07/12 23:29:31 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012/07/12 23:07:02 | 000,000,000 | ---D | C] -- C:\Users\Renato\Desktop\League of legends
[2012/07/12 21:45:19 | 000,000,000 | ---D | C] -- C:\d4590c3a176633490c8f354336
[2012/07/12 21:36:21 | 000,000,000 | ---D | C] -- C:\54cdb4b65e9ece2fb3246e87a3
[2012/07/12 06:48:20 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{992F42BF-38E5-484E-AB10-F6162F1F7C06}
[2012/07/12 06:47:46 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{E3CDEDEC-272A-44F5-A0E3-F0AAE0C5F92E}
[2012/07/10 19:48:42 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{2F74EC3F-F1B6-4363-8DE5-CA82AB8036E3}
[2012/07/10 19:48:10 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8D924D17-33D9-4D2D-9DAD-DF6D1B0FA7DC}
[2012/07/10 06:57:30 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{854F6CA3-9AD3-4E47-9D1E-8B88903617FF}
[2012/07/10 06:56:57 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{EFC30B48-4220-46C1-9575-19FF21B0131F}
[2012/07/09 18:48:39 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{B1286949-33C8-4A14-B17B-A1BD38B0B8FC}
[2012/07/09 18:48:06 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{0F1D435E-2364-4BEE-8DDB-3931FC515DA9}
[2012/07/09 06:47:40 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{79213C55-6EC2-433F-AD97-5465F719E1D1}
[2012/07/09 06:47:07 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{FC1EDED0-E1F4-49F1-92B2-987DA6362032}
[2012/07/08 08:25:23 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{DB66A59E-EEB8-4F49-B454-7301548B313E}
[2012/07/08 08:24:51 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8CCD3AEC-845C-43A2-9EFD-212E0201F2C6}
[2012/07/07 17:31:17 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{1A6CDB6F-07F9-4499-AD24-AE331B6F534B}
[2012/07/07 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{A6B83F4E-15A7-4859-93BE-62FC077F8C73}
[2012/07/06 20:47:07 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{D2F966CD-2910-4D19-ACE6-C5EC9EB56D15}
[2012/07/06 20:46:36 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{30F63680-B1DE-4256-A4AD-B13F2285AFE0}
[2012/07/06 07:10:54 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{7FAE07D4-0A45-4DDB-AF9B-AF3D31B7FCC7}
[2012/07/06 07:10:21 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{D776ADF8-406C-41B2-A1DF-1FE022135DA2}
[2012/07/05 18:36:29 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{E673B12C-01DD-4C44-AAA0-BABA682A1BC7}
[2012/07/05 18:35:56 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{DB7CB847-C9DD-4049-B7B5-B441F816C7DA}

========== Files - Modified Within 30 Days ==========

[2012/08/04 16:31:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/04 15:40:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/04 14:13:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/04 14:13:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012/08/03 20:31:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/03 14:17:39 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/03 14:17:39 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/02 14:32:58 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/02 14:31:06 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRenato.job
[2012/08/02 14:19:11 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/31 17:06:41 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/07/31 16:41:54 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/31 15:22:57 | 000,000,512 | ---- | M] () -- C:\Users\Renato\Desktop\MBR.dat
[2012/07/31 13:55:40 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2012/07/20 17:29:46 | 000,002,050 | ---- | M] () -- C:\Users\Renato\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/07/13 17:41:54 | 000,425,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/12 23:33:57 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk

========== Files Created - No Company Name ==========

[2012/07/31 16:41:54 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/31 15:22:57 | 000,000,512 | ---- | C] () -- C:\Users\Renato\Desktop\MBR.dat
[2012/07/19 14:56:46 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRenato.job
[2012/07/12 23:33:57 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/03/17 18:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/02/10 17:25:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/02 19:36:20 | 000,743,538 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/09 17:14:28 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/08/15 18:18:26 | 000,003,656 | ---- | C] () -- C:\Users\Renato\AppData\Roaming\wklnhst.dat
[2010/07/27 18:12:22 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat

========== LOP Check ==========

[2010/10/24 11:38:02 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\.minecraft
[2010/08/25 18:46:25 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\acccore
[2011/08/17 01:41:25 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Amazon
[2011/05/23 18:48:09 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Bioshock
[2011/03/05 14:50:50 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Braid
[2012/03/01 22:05:08 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\GetRightToGo
[2010/07/13 16:04:08 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\iWin
[2010/07/12 01:35:12 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Leadertech
[2011/03/15 20:31:07 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\LolClient
[2012/05/23 15:47:02 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\LolClient2
[2010/08/27 20:44:03 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Octoshape
[2011/07/13 22:35:07 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\OnLive App
[2012/02/01 18:54:49 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\OpenOffice.org
[2010/09/11 14:21:32 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Panda Security
[2010/07/11 17:30:53 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\PictureMover
[2010/09/11 14:20:09 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\SurfSecret Privacy Suite
[2012/03/16 21:19:24 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\SystemRequirementsLab
[2010/10/11 15:03:45 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\TechWizard
[2010/08/15 18:18:28 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Template
[2010/08/17 16:48:08 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Tific
[2011/07/03 18:59:39 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Tropico 3
[2010/07/12 16:26:43 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\WildTangent
[2010/07/14 10:19:43 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\WinBatch
[2010/09/23 14:08:22 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Windows Live Writer
[2012/07/31 13:55:40 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012/05/27 18:18:45 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2009/10/06 02:06:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/10/06 02:35:29 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/10/06 02:31:09 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2009/10/06 01:53:03 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 17:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2011/09/05 13:04:56 | 000,584,808 | ---- | M] () MD5=B3B25937514C772FD2490108B91CE17F -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 22:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/13 22:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.M >
[2011/07/10 19:20:24 | 000,023,826 | ---- | M] () MD5=0EAD8CEEB4694A7863D1F11DFB701E48 -- C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\SystemFiles\Autoload\PacletManager\Kernel\Services.m

< MD5 for: SERVICES.MOF >
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 22:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 22:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.RDB >
[2009/04/24 01:34:14 | 005,472,256 | ---- | M] () MD5=81CCB59A28A03DB55807B883CB679027 -- C:\Program Files (x86)\OpenOffice.org 3\Basis\program\services.rdb
[2009/04/24 01:35:04 | 000,262,144 | ---- | M] () MD5=81CCB59A28A03DB55807B883CB679027 -- C:\Program Files (x86)\OpenOffice.org 3\URE\misc\services.rdb
[2009/04/24 01:34:14 | 005,472,256 | ---- | M] () MD5=81CCB59A28A03DB55807B883CB679027 -- C:\Users\Renato\AppData\Local\Temp\services.rdb

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >

========== Files - Unicode (All) ==========
[2011/09/24 08:42:27 | 000,000,720 | ---- | M] ()(C:\Users\Renato\AppData\Local\PMB Fik?s) -- C:\Users\Renato\AppData\Local\PMB Fik聥s
[2011/09/24 08:42:05 | 000,000,720 | ---- | C] ()(C:\Users\Renato\AppData\Local\PMB Fik?s) -- C:\Users\Renato\AppData\Local\PMB Fik聥s

< End of report >