Thanks for getting back so quickly, I had to give up last night as the ComboFix hung, I let it run all night and still had to shut it down. It gave me no log. I hope I got all the logs I should have posted responses at each step would have been better. I don't seam to have a problem right now. Windows update is available I won't do any updates till I hear back.
All the other stuff is below:
/
OTL Extras logfile created on: 8/2/2012 7:37:27 AM - Run 3
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Doug\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 60.55% Memory free
8.11 Gb Paging File | 6.37 Gb Available in Paging File | 78.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 165.53 Gb Free Space | 58.41% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 5.59 Gb Free Space | 38.14% Space Free | Partition Type: NTFS
Computer Name: DOUGLT | User Name: Doug | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe ()
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe ()
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe ()
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe ()
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe ()
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe ()
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" ()
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* ()
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* ()
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" ()
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" ()
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 ()
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* ()
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 ()
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 ()
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* ()
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 ()
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 ()
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* ()
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 ()
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* ()
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\SysWOW64\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java 6 Update 13 (64-bit)
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"CCleaner" = CCleaner
"Creative OA009" = Integrated Webcam Driver (1.02.01.0320)
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{00C1B233-D218-484B-8078-9375482C5608}" = LeapFrog Tag Plugin
"{04F693CE-1C19-4DED-8418-31A9E79212D2}" = Xactimate 25
"{050BF7DA-82C4-416A-8294-7AFEB8ED94E1}" = Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010)
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 26
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (XACTWARE)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{4112625F-2D38-49EF-924F-48511BC5CD34}" = Microsoft SQL Server 2008 Database Engine Services
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5AC5ED2E-2936-4B54-A429-703F9034938E}" = Covenant Eyes
"{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A3D88A98-506E-4CFC-B294-E256C679B0EE}" = Microsoft Store Download Manager
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = Microsoft SQL Server 2008 Database Engine Services
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BA4DA261-CB60-4690-B202-44998DFC6986}" = Microsoft SQL Server 2008 Setup Support Files
"{BAE06076-DB3F-4936-8864-249A7B2AA662}" = Intel® Integrated Performance Primitives Run-Time Installer 5.1 for Windows* on IA-32 Intel® Architecture
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}" = LogMeIn
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E30E7561-A466-4393-B8BF-FD93E733EF3C}" = Microsoft Office Live Meeting 2007
"{E4B48349-A165-4097-8D78-AC950BD8638E}" = Business Contact Manager for Microsoft Outlook 2010
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"Business Contact Manager" = Business Contact Manager for Microsoft Outlook 2010
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Dell Video Chat" = Dell Video Chat
"Dell Webcam Central" = Dell Webcam Central
"FreeFileViewer_is1" = Free File Viewer 2011
"Google Calendar Sync" = Google Calendar Sync
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Professional 2010
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"Trusted Software Assistant_is1" = File Type Assistant
"TurboMeeting" = TurboMeeting
"UPCShell" = LeapFrog Connect
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 8/2/2012 9:56:01 AM | Computer Name = DougLT | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 8/2/2012 9:57:08 AM | Computer Name = DougLT | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 5/19/2012 8:22:03 PM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/19/2012 9:48:37 PM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/20/2012 8:12:32 AM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/20/2012 6:25:50 PM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/21/2012 1:47:44 PM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/22/2012 8:33:04 AM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/22/2012 3:11:34 PM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/22/2012 11:04:48 PM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 8/1/2012 8:43:51 PM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 8/2/2012 12:06:26 AM | Computer Name = DougLT | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 8/2/2012 9:55:30 AM | Computer Name = DougLT | Source = HTTP | ID = 15016
Description =
Error - 8/2/2012 9:55:34 AM | Computer Name = DougLT | Source = Print | ID = 19
Description = The print spooler failed to share printer TurboMeeting Printer with
shared resource name TurboMeeting Printer. Error 1753. The printer cannot be used
by others on the network.
Error - 8/2/2012 9:57:09 AM | Computer Name = DougLT | Source = Service Control Manager | ID = 7000
Description =
Error - 8/2/2012 9:57:09 AM | Computer Name = DougLT | Source = Service Control Manager | ID = 7000
Description =
Error - 8/2/2012 9:57:09 AM | Computer Name = DougLT | Source = Service Control Manager | ID = 7000
Description =
Error - 8/2/2012 9:57:09 AM | Computer Name = DougLT | Source = Service Control Manager | ID = 7023
Description =
Error - 8/2/2012 9:57:09 AM | Computer Name = DougLT | Source = Service Control Manager | ID = 7000
Description =
< End of report >
OTL logfile created on: 8/2/2012 7:37:27 AM - Run 3
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Doug\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 60.55% Memory free
8.11 Gb Paging File | 6.37 Gb Available in Paging File | 78.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 165.53 Gb Free Space | 58.41% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 5.59 Gb Free Space | 38.14% Space Free | Partition Type: NTFS
Computer Name: DOUGLT | User Name: Doug | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/08/01 18:05:28 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Doug\Desktop\OTL(1).exe
PRC - [2012/07/19 10:03:32 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/11/12 13:04:12 | 000,268,640 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/07/18 03:27:14 | 001,299,192 | ---- | M] () -- C:\Program Files (x86)\CE\nmSvc.exe
PRC - [2011/07/18 03:27:06 | 000,291,064 | ---- | M] () -- C:\Program Files (x86)\CE\nmFlt.exe
PRC - [2011/04/08 05:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2010/03/25 05:45:38 | 000,031,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2009/02/04 19:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/05/07 15:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 15:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
========== Modules (No Company Name) ========== MOD - [2012/07/19 10:03:32 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/14 10:19:06 | 008,500,224 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2011/09/14 10:19:06 | 002,348,544 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2011/07/18 03:27:14 | 001,299,192 | ---- | M] () -- C:\Program Files (x86)\CE\nmSvc.exe
MOD - [2011/07/18 03:27:14 | 000,078,584 | ---- | M] () -- C:\Program Files (x86)\CE\nmsvTree.dll
MOD - [2011/07/18 03:27:12 | 000,644,856 | ---- | M] () -- C:\Program Files (x86)\CE\nmSvc.dll
MOD - [2011/07/18 03:27:08 | 000,241,912 | ---- | M] () -- C:\Windows\SysWOW64\nmNsp.dll
MOD - [2011/07/18 03:27:06 | 000,291,064 | ---- | M] () -- C:\Program Files (x86)\CE\nmFlt.exe
MOD - [2011/07/18 03:27:02 | 000,182,520 | ---- | M] () -- C:\Windows\SysWOW64\CESpy.dll
MOD - [2011/07/18 03:19:12 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\CE\zlib.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McAfee SiteAdvisor Service)
SRV:
64bit: - [2011/07/18 03:17:56 | 000,290,816 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\authServer.exe -- (Auth Service)
SRV:
64bit: - [2009/03/31 08:00:18 | 000,268,288 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe -- (STacSV)
SRV:
64bit: - [2009/03/31 08:00:02 | 000,089,600 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe -- (AESTFilters)
SRV:
64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2006/11/02 04:16:05 | 000,046,592 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
SRV - [2012/07/27 12:37:14 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 10:03:32 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/07/18 03:17:56 | 000,290,816 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\authServer.exe -- (Auth Service)
SRV - [2011/05/25 15:14:34 | 000,053,248 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2010/12/08 13:12:10 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2010/12/08 13:12:04 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/08 12:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/25 05:45:38 | 000,031,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/05/21 22:35:32 | 000,923,136 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2008/07/27 11:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/07 15:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2011/11/12 12:18:20 | 000,024,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\FlyUsb.sys -- (FlyUsb)
DRV:
64bit: - [2010/12/08 13:12:30 | 000,087,456 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:
64bit: - [2010/09/17 15:40:06 | 000,072,216 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:
64bit: - [2010/09/17 15:39:58 | 000,011,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lmimirr.sys -- (lmimirr)
DRV:
64bit: - [2009/11/04 15:54:06 | 000,049,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:
64bit: - [2009/11/04 15:47:38 | 000,040,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:
64bit: - [2009/07/16 11:32:26 | 000,176,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP)
DRV:
64bit: - [2009/03/31 09:53:54 | 000,069,120 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:
64bit: - [2009/03/31 09:48:56 | 010,275,296 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2009/03/31 08:00:28 | 000,477,696 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:
64bit: - [2009/03/31 07:19:00 | 000,225,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:
64bit: - [2009/03/19 16:02:00 | 000,311,296 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
DRV:
64bit: - [2009/03/06 06:33:58 | 000,159,840 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
DRV:
64bit: - [2008/12/30 19:00:22 | 000,172,032 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CtClsFlt.sys -- (CtClsFlt)
DRV:
64bit: - [2008/12/21 10:26:28 | 004,735,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64)
DRV:
64bit: - [2008/12/19 19:24:48 | 000,041,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfebopk.sys -- (mfebopk)
DRV:
64bit: - [2008/08/31 11:19:24 | 000,392,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:
64bit: - [2008/08/31 11:15:58 | 000,395,288 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:
64bit: - [2008/08/21 23:50:32 | 000,019,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motccgp.sys -- (motccgp)
DRV:
64bit: - [2008/08/21 23:50:02 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV:
64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys -- (WDC_SAM)
DRV:
64bit: - [2008/01/20 19:51:07 | 000,016,384 | ---- | M] () [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2008/01/20 19:47:25 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:
64bit: - [2008/01/20 19:46:55 | 000,317,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express)
DRV:
64bit: - [2008/01/20 19:46:52 | 000,019,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:
64bit: - [2007/11/14 01:00:00 | 000,053,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2007/06/20 19:57:40 | 000,029,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motport.sys -- (motport)
DRV:
64bit: - [2007/06/20 19:57:36 | 000,029,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motmodem.sys -- (motmodem)
DRV:
64bit: - [2006/11/02 00:48:50 | 002,488,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2010/09/17 15:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.comIE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20111149,6902,0,24,0"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.103: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/03/11 20:58:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 10:03:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/10 17:25:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 10:03:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/10 17:25:24 | 000,000,000 | ---D | M]
[2010/01/08 12:26:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Doug\AppData\Roaming\Mozilla\Extensions
[2012/05/23 05:49:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxkw9l.default\extensions
[2010/06/29 14:23:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxkw9l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/19 17:49:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxkw9l.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/05/23 05:49:41 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\gpgxkw9l.default\extensions\
[email protected][2011/11/10 17:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/19 10:03:32 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011/03/18 11:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 11:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/06/19 18:16:37 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/08/23 16:49:55 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/06/19 18:16:37 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:
64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:
64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4:
64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:
64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:
64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:
64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NMSVC] C:\Program Files (x86)\CE\nmSvc.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\nmNsp.dll ()
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - CCESpy.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000021 - CCESpy.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\nmNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\SysWOW64\nmNsp.dll File not found
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://appldnld.appl...ex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84722BE2-2DF7-4342-8A0B-614951F105E7}: DhcpNameServer = 192.168.1.1
O18:
64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll ()
O24 - Desktop WallPaper: C:\Users\Doug\Pictures\Personnal Pictures\2011-11-07\022.JPG
O24 - Desktop BackupWallPaper: C:\Users\Doug\Pictures\Personnal Pictures\2011-11-07\022.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 15:01:00 | 000,000,053 | -HS- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{123537dd-36b6-11e0-b7e3-00256443b61a}\Shell - "" = AutoRun
O33 - MountPoints2\{123537dd-36b6-11e0-b7e3-00256443b61a}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{7cca3723-4ffc-11df-b443-00256443b61a}\Shell\AutoRun\command - "" = D:\setupSNK.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs:
64bit: BITS - C:\Windows\SysNative\svchost.exe ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.
SafeBootMin:
64bit: Base - Driver Group
SafeBootMin:
64bit: Boot Bus Extender - Driver Group
SafeBootMin:
64bit: Boot file system - Driver Group
SafeBootMin:
64bit: File system - Driver Group
SafeBootMin:
64bit: Filter - Driver Group
SafeBootMin:
64bit: HelpSvc - Service
SafeBootMin:
64bit: MCODS - Reg Error: Value error.
SafeBootMin:
64bit: PCI Configuration - Driver Group
SafeBootMin:
64bit: PEVSystemStart - Service
SafeBootMin:
64bit: PNP Filter - Driver Group
SafeBootMin:
64bit: Primary disk - Driver Group
SafeBootMin:
64bit: procexp90.Sys - Driver
SafeBootMin:
64bit: sacsvr - Service
SafeBootMin:
64bit: SCSI Class - Driver Group
SafeBootMin:
64bit: System Bus Extender - Driver Group
SafeBootMin:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:
64bit: Base - Driver Group
SafeBootNet:
64bit: Boot Bus Extender - Driver Group
SafeBootNet:
64bit: Boot file system - Driver Group
SafeBootNet:
64bit: File system - Driver Group
SafeBootNet:
64bit: Filter - Driver Group
SafeBootNet:
64bit: HelpSvc - Service
SafeBootNet:
64bit: MCODS - Reg Error: Value error.
SafeBootNet:
64bit: Messenger - Service
SafeBootNet:
64bit: MpfService - Service
SafeBootNet:
64bit: MPSSvc - Service
SafeBootNet:
64bit: NDIS Wrapper - Driver Group
SafeBootNet:
64bit: NetBIOSGroup - Driver Group
SafeBootNet:
64bit: NetDDEGroup - Driver Group
SafeBootNet:
64bit: Network - Driver Group
SafeBootNet:
64bit: NetworkProvider - Driver Group
SafeBootNet:
64bit: PCI Configuration - Driver Group
SafeBootNet:
64bit: PEVSystemStart - Service
SafeBootNet:
64bit: PNP Filter - Driver Group
SafeBootNet:
64bit: PNP_TDI - Driver Group
SafeBootNet:
64bit: Primary disk - Driver Group
SafeBootNet:
64bit: procexp90.Sys - Driver
SafeBootNet:
64bit: rdsessmgr - Service
SafeBootNet:
64bit: sacsvr - Service
SafeBootNet:
64bit: SCSI Class - Driver Group
SafeBootNet:
64bit: Streams Drivers - Driver Group
SafeBootNet:
64bit: System Bus Extender - Driver Group
SafeBootNet:
64bit: TDI - Driver Group
SafeBootNet:
64bit: TurboMeeting - Service
SafeBootNet:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:
64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:
64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:
64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:
64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:
64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: TurboMeeting - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:
64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:
64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:
64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:
64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:
64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:
64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:
64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:
64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:
64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:
64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:
64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:
64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:
64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:
64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:
64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:
64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:
64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:
64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:
64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:
64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:
64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:
64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:
64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:
64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:
64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:
64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32:
64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/08/02 06:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/02 06:43:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/02 06:41:47 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Doug\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/02 06:25:36 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Doug\Desktop\tdsskiller.exe
[2012/08/01 21:35:25 | 004,722,680 | ---- | C] (Swearware) -- C:\Users\Doug\Desktop\ComboFix(1).exe
[2012/08/01 20:58:11 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Doug\Desktop\aswMBR.exe
[2012/08/01 18:05:26 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Doug\Desktop\OTL(1).exe
[2012/08/01 17:24:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/01 17:24:08 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/01 17:24:06 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/08/01 14:08:21 | 000,000,000 | ---D | C] -- C:\Users\Doug\Desktop\RK_Quarantine
[2012/08/01 13:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\0C1CFB130008337F004639176C44B161
[2012/07/29 06:57:50 | 000,000,000 | ---D | C] -- C:\Users\Doug\Documents\Rainbow Franchise All
[2012/07/29 06:45:56 | 000,000,000 | ---D | C] -- C:\Users\Doug\Documents\A-Resumes
========== Files - Modified Within 30 Days ========== [2012/08/02 07:37:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/02 07:32:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/02 07:28:51 | 000,061,440 | ---- | M] ( ) -- C:\Users\Doug\Desktop\VEW.exe
[2012/08/02 07:12:59 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2012/08/02 06:55:34 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/02 06:55:34 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/02 06:55:33 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/02 06:55:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/02 06:55:24 | 4253,405,184 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/02 06:43:21 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/02 06:42:02 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Doug\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/02 06:25:40 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Doug\Desktop\tdsskiller.exe
[2012/08/01 21:35:38 | 004,722,680 | ---- | M] (Swearware) -- C:\Users\Doug\Desktop\ComboFix(1).exe
[2012/08/01 21:26:30 | 000,000,512 | ---- | M] () -- C:\Users\Doug\Desktop\MBR.dat
[2012/08/01 20:58:40 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Doug\Desktop\aswMBR.exe
[2012/08/01 20:55:29 | 000,006,080 | ---- | M] () -- C:\Users\Doug\AppData\Local\d3d9caps.dat
[2012/08/01 20:53:41 | 000,274,226 | ---- | M] () -- C:\Users\Doug\Desktop\winsock2.reg
[2012/08/01 19:42:12 | 000,862,414 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/01 19:42:12 | 000,717,626 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/01 19:42:12 | 000,147,038 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/01 18:05:28 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Doug\Desktop\OTL(1).exe
[2012/07/27 14:03:10 | 000,216,828 | ---- | M] () -- C:\Users\Doug\Desktop\Douglas Dewing Resume.pdf
[2012/07/27 12:37:14 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/27 12:37:14 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/18 18:23:11 | 000,000,732 | ---- | M] () -- C:\Users\Doug\AppData\Local\d3d9caps64.dat
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
========== Files Created - No Company Name ========== [2012/08/02 07:28:51 | 000,061,440 | ---- | C] ( ) -- C:\Users\Doug\Desktop\VEW.exe
[2012/08/02 06:43:21 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/02 06:43:20 | 000,024,904 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/01 21:21:19 | 000,000,512 | ---- | C] () -- C:\Users\Doug\Desktop\MBR.dat
[2012/08/01 20:53:41 | 000,274,226 | ---- | C] () -- C:\Users\Doug\Desktop\winsock2.reg
[2012/07/27 14:03:09 | 000,216,828 | ---- | C] () -- C:\Users\Doug\Desktop\Douglas Dewing Resume.pdf
[2012/03/22 09:05:56 | 000,000,008 | ---- | C] () -- C:\Users\Doug\AppData\Roaming\usb.dat
[2012/02/01 13:29:24 | 000,207,259 | ---- | C] () -- C:\Windows\hpwins28.dat.temp
[2012/02/01 12:43:46 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp
[2012/02/01 12:23:12 | 000,207,238 | ---- | C] () -- C:\Windows\hpwins28.dat
[2011/07/19 09:50:11 | 000,241,912 | ---- | C] () -- C:\Windows\SysWow64\nmNsp.dll
[2011/07/19 09:50:11 | 000,182,520 | ---- | C] () -- C:\Windows\SysWow64\CESpy.dll
[2011/07/19 09:50:00 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\authServer.exe
[2011/07/01 17:55:51 | 000,000,732 | ---- | C] () -- C:\Users\Doug\AppData\Local\d3d9caps64.dat
[2010/03/03 11:40:34 | 000,026,311 | ---- | C] () -- C:\Users\Doug\AppData\Roaming\UserTile.png
[2010/02/21 19:47:21 | 000,061,224 | ---- | C] () -- C:\Users\Doug\GoToAssistDownloadHelper.exe
[2009/12/01 02:42:49 | 000,006,080 | ---- | C] () -- C:\Users\Doug\AppData\Local\d3d9caps.dat
[2009/11/27 18:29:17 | 000,007,680 | ---- | C] () -- C:\Users\Doug\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Custom Scans ========== ========== Drive Information ========== Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: SAMSUNG HM320II
Partitions: 3
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 0.00GB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 15.00GB
Starting Offset: 41943040
Hidden sectors: 0
DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 283.00GB
Starting Offset: 15770583040
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe > < %systemroot%\assembly\GAC_32\*.ini > < %systemroot%\assembly\GAC_64\*.ini > < %SYSTEMDRIVE%\*.exe > < %ALLUSERSPROFILE%\Application Data\*.exe > < %APPDATA%\*. >[2011/11/19 08:42:18 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\33C9A
[2011/11/18 14:31:56 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\aCwkUVrlOtPySiD
[2011/06/30 12:09:57 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Adobe
[2010/04/25 19:23:33 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Amazon
[2012/06/21 05:29:36 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Apple Computer
[2011/11/28 08:13:51 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\CE
[2011/11/18 14:31:51 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\CibDonGHs7E8Tq
[2009/11/27 18:30:38 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Creative
[2009/12/06 15:49:21 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\CyberLink
[2009/11/27 18:16:45 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Dell
[2011/11/18 15:44:09 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\DxA0ucS2iDpGaHs
[2011/11/18 16:50:40 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\euvS2ibF3n5Q6W
[2012/02/16 13:26:10 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\F8333
[2011/04/14 12:31:31 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\FLIR Systems
[2012/03/22 09:08:40 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\FreeFileViewer
[2010/03/29 15:16:03 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Google
[2012/02/01 13:51:46 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\HP
[2009/11/27 18:15:13 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Identities
[2009/11/29 19:15:24 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Macromedia
[2011/04/22 16:50:33 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Malwarebytes
[2006/11/02 08:07:25 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Media Center Programs
[2012/06/13 17:23:14 | 000,000,000 | --SD | M] -- C:\Users\Doug\AppData\Roaming\Microsoft
[2010/01/08 12:26:21 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Mozilla
[2011/11/18 16:50:44 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\nmH5sWdEL
[2011/11/19 06:29:59 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\offRRZ99hTwjUe
[2010/03/03 11:40:34 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\PeerNetworking
[2011/11/18 17:34:39 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\PL9hTXqjUeIrOyA
[2011/11/18 14:18:19 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\QrllONtxx0uc1b
[2009/11/27 18:31:53 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Reallusion
[2011/11/18 18:22:05 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\rivD3onF4m5W7E8
[2011/04/14 12:24:02 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\ThermaCAM Connect 3
[2011/11/18 17:34:38 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\wG5aQJ6dW8
[2011/11/18 14:18:12 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\XzPPNyycA1uv2
[2011/11/18 14:18:19 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\y2iibDp4aQHsWE9
[2009/12/13 11:19:21 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Yahoo!
[2011/11/18 18:22:04 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\yELgTZqhYVlBx0c
[2011/11/18 14:18:13 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\ynGG55aQH6dWKf
[2011/11/18 15:44:10 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\YZqjYCwkIr
< MD5 for: ATAPI.SYS >[2008/01/20 19:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/04/24 20:26:24 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=5EB9EF6EEC5D873E94992095A1719BF6 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_39c3f1ccf31998cb\atapi.sys
[2009/04/11 00:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
[2009/04/24 20:26:24 | 000,022,584 | ---- | M] () MD5=F988BB0690CD660318037908E9B8DBF7 -- C:\Windows\SysNative\drivers\atapi.sys
[2009/04/24 20:26:24 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=F988BB0690CD660318037908E9B8DBF7 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_393a5501d9fbf901\atapi.sys
< MD5 for: CSRSS.EXE >[2008/01/20 19:49:57 | 000,007,680 | ---- | M] () MD5=B4ABE68596B173FF2AB2076BC7C35EB4 -- C:\Windows\SysNative\csrss.exe
[2008/01/20 19:49:57 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=B4ABE68596B173FF2AB2076BC7C35EB4 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_b5027f5b9c731f82\csrss.exe
< MD5 for: EXPLORER.EXE >[2009/04/24 20:53:49 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\Doug\AppData\Local\Temp\RarSFX10\procs\explorer.exe
[2011/01/16 17:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\Doug\AppData\Local\Temp\RarSFX5\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\Doug\AppData\Local\Temp\RarSFX9\procs\explorer.exe
[2009/04/24 20:53:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\SysWOW64\explorer.exe
[2009/04/24 20:53:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2009/04/24 20:53:48 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2009/04/24 20:53:47 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 00:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2009/04/24 20:53:48 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\Doug\AppData\Local\Temp\RarSFX10\h\explorer.exe
[2005/08/16 03:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\Doug\AppData\Local\Temp\RarSFX5\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\Doug\AppData\Local\Temp\RarSFX9\h\explorer.exe
[2009/04/24 20:53:47 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\explorer.exe
[2009/04/24 20:53:47 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2009/04/24 20:53:47 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2009/04/24 20:53:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 19:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 19:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: MSWSOCK.DLL >[2008/01/20 19:50:56 | 000,304,128 | ---- | M] () MD5=66306D7E90650EBE667811C1AF010BAC -- C:\Windows\SysNative\mswsock.dll
[2008/01/20 19:50:56 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=66306D7E90650EBE667811C1AF010BAC -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_1471f289e5a92fc4\mswsock.dll
[2009/04/10 23:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008/01/20 19:48:39 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\SysWOW64\mswsock.dll
[2008/01/20 19:48:39 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
[2009/04/11 00:11:16 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=BB08D93011B82883EC33C7707A9627BE -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_165d6b95e2cafb10\mswsock.dll
< MD5 for: NAPINSP.DLL >[2008/01/20 19:49:00 | 000,062,976 | ---- | M] () MD5=062972C53BDC6819CE0BAAAA5382F758 -- C:\Windows\SysNative\NapiNSP.dll
[2008/01/20 19:49:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=062972C53BDC6819CE0BAAAA5382F758 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.0.6001.18000_none_083bdc4c478e57f6\NapiNSP.dll
[2008/01/20 19:49:49 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\SysWOW64\NapiNSP.dll
[2008/01/20 19:49:49 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.0.6001.18000_none_ac1d40c88f30e6c0\NapiNSP.dll
< MD5 for: NLAAPI.DLL >[2008/01/20 19:50:27 | 000,061,440 | ---- | M] () MD5=C5EDECA7546B009484B23FAD0E9724C1 -- C:\Windows\SysNative\nlaapi.dll
[2008/01/20 19:50:27 | 000,061,440 | ---- | M] (Microsoft Corporation) MD5=C5EDECA7546B009484B23FAD0E9724C1 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.0.6001.18000_none_c3a4914ac347b69b\nlaapi.dll
[2008/01/20 19:51:08 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\SysWOW64\nlaapi.dll
[2008/01/20 19:51:08 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.0.6001.18000_none_cdf93b9cf7a87896\nlaapi.dll
< MD5 for: PNRPNSP.DLL >[2008/01/20 19:52:02 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2008/01/20 19:52:02 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.0.6001.18000_none_d7f25b890f32c83a\pnrpnsp.dll
[2008/01/20 19:52:02 | 000,078,848 | ---- | M] () MD5=E1BAEEE7949ED5019259E69393367400 -- C:\Windows\SysNative\pnrpnsp.dll
[2008/01/20 19:52:02 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=E1BAEEE7949ED5019259E69393367400 -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.0.6001.18000_none_cd9db136dad2063f\pnrpnsp.dll
< MD5 for: SERVICES.EXE >[2008/01/20 19:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\SysWOW64\services.exe
[2008/01/20 19:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 00:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2008/01/20 19:49:44 | 000,384,512 | ---- | M] () MD5=BA539D2CE99C05A180EC518EA2040D6A -- C:\Windows\SysNative\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2008/01/20 19:49:44 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=DFAC660F0F139276CC9299812DE42719 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe
< MD5 for: SVCHOST.EXE >[2008/01/20 19:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008/01/20 19:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/01/20 19:50:24 | 000,027,648 | ---- | M] () MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008/01/20 19:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/20 19:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/20 19:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/20 19:49:46 | 000,028,160 | ---- | M] () MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/20 19:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
[2009/05/26 20:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Doug\AppData\Local\Temp\RarSFX5\userinit.exe
< MD5 for: WINLOGON.EXE >[2009/04/11 00:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 19:49:47 | 000,406,016 | ---- | M] () MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\SysNative\winlogon.exe
[2008/01/20 19:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/05/26 20:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Doug\AppData\Local\Temp\RarSFX5\winlogon.exe
[2008/01/20 19:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe
[2008/01/20 19:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WINRNR.DLL >[2008/01/20 19:48:07 | 000,027,648 | ---- | M] () MD5=8449D81B9FB1CCADEC3E64F30E1076C7 -- C:\Windows\SysNative\winrnr.dll
[2008/01/20 19:48:07 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=8449D81B9FB1CCADEC3E64F30E1076C7 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6001.18000_none_b56cee730873a8a0\winrnr.dll
[2008/01/20 19:48:07 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=8449D81B9FB1CCADEC3E64F30E1076C7 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6002.18005_none_b758677f059573ec\winrnr.dll
[2009/04/10 23:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C411C80F90D6732380352B98B37BBD53 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6002.18005_none_5b39cbfb4d3802b6\winrnr.dll
[2006/11/02 02:46:14 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=FF78B8E67EDCE9FEED651D7858D77A04 -- C:\Windows\SysWOW64\winrnr.dll
[2006/11/02 02:46:14 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=FF78B8E67EDCE9FEED651D7858D77A04 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6001.18000_none_594e52ef5016376a\winrnr.dll
< MD5 for: WSHELPER.DLL >[2006/11/02 02:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\SysWOW64\wshelper.dll
[2006/11/02 02:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_6af84843e4192e9a\wshelper.dll
[2006/11/02 04:19:11 | 000,018,944 | ---- | M] () MD5=20AEE159BD1CE0664796EDF48AF201B8 -- C:\Windows\SysNative\wshelper.dll
[2006/11/02 04:19:11 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=20AEE159BD1CE0664796EDF48AF201B8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\wshelper.dll
< %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/19 10:03:31 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/19 10:03:31 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/19 10:03:31 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/07/19 10:03:32 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/07/19 10:03:32 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/07/19 10:03:32 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -hide [2008/01/20 19:49:18 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -show [2008/01/20 19:49:18 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -reinstall [2008/01/20 19:49:18 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/04/21 08:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2008/01/20 19:48:18 | 000,084,992 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2008/01/20 19:48:18 | 000,084,992 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2008/01/20 19:48:18 | 000,084,992 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/04/21 08:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 6916 bytes -> C:\Users\Doug\Desktop\Seattle Remodeling LOGO2009.png:Q30lsldxJoudresxAaaqpcawXc
< End of report >
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 02/08/2012 7:34:04 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/08/2012 1:56:01 PM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis.
Log: 'Application' Date/Time: 02/08/2012 1:57:08 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/08/2012 1:55:32 PM
Type: Warning Category: 0
Event: 0 Source: LeapFrog Connect Device Service
The event description cannot be found.
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 20:59:22
-----------------------------
20:59:22.095 OS Version: Windows x64 6.0.6001 Service Pack 1
20:59:22.095 Number of processors: 2 586 0x170A
20:59:22.096 ComputerName: DOUGLT UserName: Doug
20:59:23.787 Initialize success
21:00:31.496 AVAST engine defs: 12080101
21:01:37.558 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:01:37.562 Disk 0 Vendor: SAMSUNG_ 2AC1 Size: 305245MB BusType: 3
21:01:37.580 Disk 0 MBR read successfully
21:01:37.584 Disk 0 MBR scan
21:01:37.591 Disk 0 Windows VISTA default MBR code
21:01:37.599 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
21:01:37.615 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
21:01:37.630 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 290204 MB offset 30801920
21:01:37.660 Disk 0 scanning C:\Windows\system32\drivers
21:01:47.582 Service scanning
21:02:19.307 Modules scanning
21:02:19.318 Disk 0 trace - called modules:
21:02:19.355 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
21:02:19.712 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048ff2c0]
21:02:19.719 3 CLASSPNP.SYS[fffffa6000d37b3a] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004580050]
21:02:21.343 AVAST engine scan C:\Windows
21:02:24.775 AVAST engine scan C:\Windows\system32
21:06:34.140 AVAST engine scan C:\Windows\system32\drivers
21:07:11.342 AVAST engine scan C:\Users\Doug
21:21:19.604 Disk 0 MBR has been saved successfully to "C:\Users\Doug\Desktop\MBR.dat"
21:21:19.620 The log file has been saved successfully to "C:\Users\Doug\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 20:59:22
-----------------------------
20:59:22.095 OS Version: Windows x64 6.0.6001 Service Pack 1
20:59:22.095 Number of processors: 2 586 0x170A
20:59:22.096 ComputerName: DOUGLT UserName: Doug
20:59:23.787 Initialize success
21:00:31.496 AVAST engine defs: 12080101
21:01:37.558 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:01:37.562 Disk 0 Vendor: SAMSUNG_ 2AC1 Size: 305245MB BusType: 3
21:01:37.580 Disk 0 MBR read successfully
21:01:37.584 Disk 0 MBR scan
21:01:37.591 Disk 0 Windows VISTA default MBR code
21:01:37.599 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
21:01:37.615 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
21:01:37.630 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 290204 MB offset 30801920
21:01:37.660 Disk 0 scanning C:\Windows\system32\drivers
21:01:47.582 Service scanning
21:02:19.307 Modules scanning
21:02:19.318 Disk 0 trace - called modules:
21:02:19.355 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
21:02:19.712 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048ff2c0]
21:02:19.719 3 CLASSPNP.SYS[fffffa6000d37b3a] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004580050]
21:02:21.343 AVAST engine scan C:\Windows
21:02:24.775 AVAST engine scan C:\Windows\system32
21:06:34.140 AVAST engine scan C:\Windows\system32\drivers
21:07:11.342 AVAST engine scan C:\Users\Doug
21:21:19.604 Disk 0 MBR has been saved successfully to "C:\Users\Doug\Desktop\MBR.dat"
21:21:19.620 The log file has been saved successfully to "C:\Users\Doug\Desktop\aswMBR.txt"
21:21:22.764 AVAST engine scan C:\ProgramData
21:24:41.350 Scan finished successfully
21:26:30.635 Disk 0 MBR has been saved successfully to "C:\Users\Doug\Desktop\MBR.dat"
21:26:30.667 The log file has been saved successfully to "C:\Users\Doug\Desktop\aswMBR.txt"
06:26:18.0790 3044 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
06:26:19.0304 3044 ============================================================
06:26:19.0304 3044 Current date / time: 2012/08/02 06:26:19.0304
06:26:19.0304 3044 SystemInfo:
06:26:19.0304 3044
06:26:19.0304 3044 OS Version: 6.0.6001 ServicePack: 1.0
06:26:19.0304 3044 Product type: Workstation
06:26:19.0304 3044 ComputerName: DOUGLT
06:26:19.0304 3044 UserName: Doug
06:26:19.0304 3044 Windows directory: C:\Windows
06:26:19.0304 3044 System windows directory: C:\Windows
06:26:19.0304 3044 Running under WOW64
06:26:19.0304 3044 Processor architecture: Intel x64
06:26:19.0304 3044 Number of processors: 2
06:26:19.0304 3044 Page size: 0x1000
06:26:19.0304 3044 Boot type: Normal boot
06:26:19.0304 3044 ============================================================
06:26:19.0726 3044 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:26:19.0741 3044 ============================================================
06:26:19.0741 3044 \Device\Harddisk0\DR0:
06:26:19.0741 3044 MBR partitions:
06:26:19.0741 3044 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
06:26:19.0741 3044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
06:26:19.0741 3044 ============================================================
06:26:19.0804 3044 C: <-> \Device\Harddisk0\DR0\Partition1
06:26:19.0835 3044 E: <-> \Device\Harddisk0\DR0\Partition0
06:26:19.0835 3044 ============================================================
06:26:19.0835 3044 Initialize success
06:26:19.0835 3044 ============================================================
06:26:34.0936 3624 ============================================================
06:26:34.0936 3624 Scan started
06:26:34.0936 3624 Mode: Manual;
06:26:34.0936 3624 ============================================================
06:26:35.0341 3624 ACPI (af3a1aa81f875169dd9e55b1320057d6) C:\Windows\system32\drivers\acpi.sys
06:26:35.0341 3624 ACPI - ok
06:26:35.0528 3624 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:26:35.0528 3624 AdobeFlashPlayerUpdateSvc - ok
06:26:35.0606 3624 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
06:26:35.0606 3624 adp94xx - ok
06:26:35.0669 3624 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
06:26:35.0669 3624 adpahci - ok
06:26:35.0700 3624 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
06:26:35.0700 3624 adpu160m - ok
06:26:35.0731 3624 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
06:26:35.0731 3624 adpu320 - ok
06:26:35.0778 3624 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll
06:26:35.0778 3624 AeLookupSvc - ok
06:26:35.0872 3624 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
06:26:35.0872 3624 AESTFilters - ok
06:26:35.0981 3624 AFD (9bb97042fa331a0fb4bdd98b9280a50a) C:\Windows\system32\drivers\afd.sys
06:26:35.0981 3624 AFD - ok
06:26:36.0028 3624 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
06:26:36.0028 3624 agp440 - ok
06:26:36.0074 3624 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
06:26:36.0090 3624 aic78xx - ok
06:26:36.0106 3624 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe
06:26:36.0106 3624 ALG - ok
06:26:36.0137 3624 aliide (9544c2c55541c0c6bfd7b489d0e7d430) C:\Windows\system32\drivers\aliide.sys
06:26:36.0137 3624 aliide - ok
06:26:36.0152 3624 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
06:26:36.0168 3624 amdide - ok
06:26:36.0199 3624 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
06:26:36.0215 3624 AmdK8 - ok
06:26:36.0277 3624 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys
06:26:36.0277 3624 ApfiltrService - ok
06:26:36.0324 3624 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll
06:26:36.0324 3624 Appinfo - ok
06:26:36.0371 3624 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
06:26:36.0371 3624 arc - ok
06:26:36.0418 3624 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
06:26:36.0418 3624 arcsas - ok
06:26:36.0449 3624 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
06:26:36.0449 3624 AsyncMac - ok
06:26:36.0480 3624 atapi (f988bb0690cd660318037908e9b8dbf7) C:\Windows\system32\drivers\atapi.sys
06:26:36.0480 3624 atapi - ok
06:26:36.0558 3624 AudioEndpointBuilder (2a54b6a48ab6d2166271b05e9469326e) C:\Windows\System32\Audiosrv.dll
06:26:36.0558 3624 AudioEndpointBuilder - ok
06:26:36.0574 3624 AudioSrv (2a54b6a48ab6d2166271b05e9469326e) C:\Windows\System32\Audiosrv.dll
06:26:36.0574 3624 AudioSrv - ok
06:26:36.0636 3624 Auth Service (5fe758836d6654f818b478ce6934f66b) C:\Windows\system32\authServer.exe
06:26:36.0652 3624 Auth Service - ok
06:26:36.0761 3624 BcmSqlStartupSvc (2e552b658273b90251e0441631de2ca3) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
06:26:36.0761 3624 BcmSqlStartupSvc - ok
06:26:36.0839 3624 BFE (bc4737aaffa5964e4f8827c9b8c0eb8e) C:\Windows\System32\bfe.dll
06:26:36.0854 3624 BFE - ok
06:26:36.0886 3624 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
06:26:36.0886 3624 blbdrive - ok
06:26:36.0948 3624 bowser (f0f035fcec3554cc1b70c5611bd87951) C:\Windows\system32\DRIVERS\bowser.sys
06:26:36.0948 3624 bowser - ok
06:26:36.0979 3624 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
06:26:36.0979 3624 BrFiltLo - ok
06:26:37.0010 3624 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
06:26:37.0010 3624 BrFiltUp - ok
06:26:37.0042 3624 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
06:26:37.0042 3624 Browser - ok
06:26:37.0073 3624 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
06:26:37.0073 3624 Brserid - ok
06:26:37.0104 3624 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
06:26:37.0104 3624 BrSerWdm - ok
06:26:37.0104 3624 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
06:26:37.0104 3624 BrUsbMdm - ok
06:26:37.0120 3624 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
06:26:37.0120 3624 BrUsbSer - ok
06:26:37.0151 3624 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
06:26:37.0151 3624 BTHMODEM - ok
06:26:37.0182 3624 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
06:26:37.0198 3624 cdfs - ok
06:26:37.0198 3624 cdrom (3b2fb35363423ed60c8fbf15fc8680bd) C:\Windows\system32\DRIVERS\cdrom.sys
06:26:37.0198 3624 cdrom - ok
06:26:37.0260 3624 CertPropSvc (edfffc8b6afb609bf33dbe0a900426b6) C:\Windows\System32\certprop.dll
06:26:37.0260 3624 CertPropSvc - ok
06:26:37.0276 3624 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
06:26:37.0276 3624 circlass - ok
06:26:37.0322 3624 CLFS (c12c4ee07843b595036da0baa6317936) C:\Windows\system32\CLFS.sys
06:26:37.0322 3624 CLFS - ok
06:26:37.0400 3624 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:26:37.0400 3624 clr_optimization_v2.0.50727_32 - ok
06:26:37.0478 3624 clr_optimization_v2.0.50727_64 (fa58b51ed71c9133e141164eaa7c54eb) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:26:37.0478 3624 clr_optimization_v2.0.50727_64 - ok
06:26:37.0556 3624 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:26:37.0572 3624 clr_optimization_v4.0.30319_32 - ok
06:26:37.0603 3624 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:26:37.0603 3624 clr_optimization_v4.0.30319_64 - ok
06:26:37.0666 3624 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
06:26:37.0666 3624 CmBatt - ok
06:26:37.0681 3624 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
06:26:37.0681 3624 cmdide - ok
06:26:37.0712 3624 Compbatt (34a6aa82aa36c87fc8816f2097efa345) C:\Windows\system32\DRIVERS\compbatt.sys
06:26:37.0712 3624 Compbatt - ok
06:26:37.0728 3624 COMSysApp - ok
06:26:37.0853 3624 cpuz132 - ok
06:26:37.0853 3624 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
06:26:37.0868 3624 crcdisk - ok
06:26:37.0915 3624 CryptSvc (4374f784121d8b3bb466b03f5e5ebd33) C:\Windows\system32\cryptsvc.dll
06:26:37.0915 3624 CryptSvc - ok
06:26:37.0978 3624 CtClsFlt (fc1f55ba03832fbb0daf965f746c47bb) C:\Windows\system32\DRIVERS\CtClsFlt.sys
06:26:37.0978 3624 CtClsFlt - ok
06:26:38.0056 3624 DcomLaunch (52cdade8289ff21f1f2215ff51a5f36c) C:\Windows\system32\rpcss.dll
06:26:38.0071 3624 DcomLaunch - ok
06:26:38.0134 3624 DfsC (3725c43c9e90731eca651d506cc599a3) C:\Windows\system32\Drivers\dfsc.sys
06:26:38.0134 3624 DfsC - ok
06:26:38.0368 3624 DFSR (1781f99840979ee7b126c9073c377fd0) C:\Windows\system32\DFSR.exe
06:26:38.0414 3624 DFSR - ok
06:26:38.0555 3624 Dhcp (fdaa0edfcfb70cd529589ad654651b40) C:\Windows\System32\dhcpcsvc.dll
06:26:38.0555 3624 Dhcp - ok
06:26:38.0617 3624 disk (2dc415fc05fb8a079f896cbbacb19324) C:\Windows\system32\drivers\disk.sys
06:26:38.0617 3624 disk - ok
06:26:38.0680 3624 Dnscache (daf05293c1264e251d3a25e7e24b2ddf) C:\Windows\System32\dnsrslvr.dll
06:26:38.0680 3624 Dnscache - ok
06:26:38.0726 3624 dot3svc (cc661867677627f2911c2a4970dee0f1) C:\Windows\System32\dot3svc.dll
06:26:38.0726 3624 dot3svc - ok
06:26:38.0773 3624 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
06:26:38.0773 3624 Dot4 - ok
06:26:38.0804 3624 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
06:26:38.0804 3624 Dot4Print - ok
06:26:38.0820 3624 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
06:26:38.0820 3624 dot4usb - ok
06:26:38.0836 3624 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll
06:26:38.0836 3624 DPS - ok
06:26:38.0882 3624 drmkaud (97dc2a789c1be458976507846a1a8ced) C:\Windows\system32\drivers\drmkaud.sys
06:26:38.0882 3624 drmkaud - ok
06:26:38.0960 3624 DXGKrnl (412964040ce920ff83aff6b5b551bf99) C:\Windows\System32\drivers\dxgkrnl.sys
06:26:38.0976 3624 DXGKrnl - ok
06:26:39.0038 3624 e1express (17d40652ef3e55eeae187a89df40965a) C:\Windows\system32\DRIVERS\e1e6032e.sys
06:26:39.0054 3624 e1express - ok
06:26:39.0085 3624 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
06:26:39.0085 3624 E1G60 - ok
06:26:39.0116 3624 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll
06:26:39.0132 3624 EapHost - ok
06:26:39.0163 3624 Ecache (7343d950a34a95dcb7441642e3e6beef) C:\Windows\system32\drivers\ecache.sys
06:26:39.0179 3624 Ecache - ok
06:26:39.0241 3624 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe
06:26:39.0257 3624 ehRecvr - ok
06:26:39.0272 3624 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe
06:26:39.0288 3624 ehSched - ok
06:26:39.0304 3624 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll
06:26:39.0304 3624 ehstart - ok
06:26:39.0366 3624 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
06:26:39.0366 3624 elxstor - ok
06:26:39.0428 3624 EMDMgmt (e4eb76d0a8fc43db7f36302e1f33791f) C:\Windows\system32\emdmgmt.dll
06:26:39.0444 3624 EMDMgmt - ok
06:26:39.0460 3624 ErrDev (991fab6aa066e1214efb5b496fb7959a) C:\Windows\system32\drivers\errdev.sys
06:26:39.0460 3624 ErrDev - ok
06:26:39.0522 3624 EventSystem (6b1a97bf9fefbdc83f3c7c7d0f826c66) C:\Windows\system32\es.dll
06:26:39.0522 3624 EventSystem - ok
06:26:39.0553 3624 exfat (2a546b9a84658b0554b1ec35cd9adaf5) C:\Windows\system32\drivers\exfat.sys
06:26:39.0553 3624 exfat - ok
06:26:39.0584 3624 fastfat (fe731d345ed9eeabbc72a59b35941834) C:\Windows\system32\drivers\fastfat.sys
06:26:39.0584 3624 fastfat - ok
06:26:39.0616 3624 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
06:26:39.0616 3624 fdc - ok
06:26:39.0647 3624 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll
06:26:39.0647 3624 fdPHost - ok
06:26:39.0662 3624 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll
06:26:39.0662 3624 FDResPub - ok
06:26:39.0678 3624 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
06:26:39.0678 3624 FileInfo - ok
06:26:39.0709 3624 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
06:26:39.0709 3624 Filetrace - ok
06:26:39.0725 3624 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
06:26:39.0725 3624 flpydisk - ok
06:26:39.0740 3624 FltMgr (7dacf1a3a4219575070c6dc7c957428a) C:\Windows\system32\drivers\fltmgr.sys
06:26:39.0756 3624 FltMgr - ok
06:26:39.0803 3624 FlyUsb (6cd6bb45bd3e0eef6ce496bf52854ff1) C:\Windows\system32\DRIVERS\FlyUsb.sys
06:26:39.0803 3624 FlyUsb - ok
06:26:39.0912 3624 FontCache3.0.0.0 (73d0f1d32edae3dcc4e84468bf910add) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:26:39.0912 3624 FontCache3.0.0.0 - ok
06:26:39.0943 3624 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
06:26:39.0943 3624 Fs_Rec - ok
06:26:39.0974 3624 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
06:26:39.0974 3624 gagp30kx - ok
06:26:40.0052 3624 gpsvc (9e5b254d58232ec8921ec3c5a94c81ed) C:\Windows\System32\gpsvc.dll
06:26:40.0068 3624 gpsvc - ok
06:26:40.0193 3624 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:26:40.0208 3624 gupdate - ok
06:26:40.0255 3624 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:26:40.0255 3624 gupdatem - ok
06:26:40.0286 3624 HDAudBus (0c0d0f8a3ff09ecc81963d09ec6a0a84) C:\Windows\system32\DRIVERS\HDAudBus.sys
06:26:40.0286 3624 HDAudBus - ok
06:26:40.0302 3624 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
06:26:40.0302 3624 HidBth - ok
06:26:40.0333 3624 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
06:26:40.0333 3624 HidIr - ok
06:26:40.0364 3624 hidserv (77e34697087cfdbcfd9e0009704fb5af) C:\Windows\System32\hidserv.dll
06:26:40.0364 3624 hidserv - ok
06:26:40.0380 3624 HidUsb (128e2da8483fdd4dd0c7b3f9abd6f323) C:\Windows\system32\DRIVERS\hidusb.sys
06:26:40.0380 3624 HidUsb - ok
06:26:40.0427 3624 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
06:26:40.0427 3624 hkmsvc - ok
06:26:40.0458 3624 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
06:26:40.0458 3624 HpCISSs - ok
06:26:40.0583 3624 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
06:26:40.0583 3624 hpqcxs08 - ok
06:26:40.0614 3624 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
06:26:40.0614 3624 hpqddsvc - ok
06:26:40.0723 3624 HPSLPSVC (d972f48d0ce396759b788693cd665926) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
06:26:40.0739 3624 HPSLPSVC - ok
06:26:40.0910 3624 HTTP (e690736da6c543f5d99c8fa27bea31db) C:\Windows\system32\drivers\HTTP.sys
06:26:40.0910 3624 HTTP - ok
06:26:40.0942 3624 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
06:26:40.0942 3624 i2omp - ok
06:26:40.0973 3624 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
06:26:40.0973 3624 i8042prt - ok
06:26:41.0098 3624 IAANTMON (7b96206e4bdd2fe582f0dbc46f5f410e) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
06:26:41.0098 3624 IAANTMON - ok
06:26:41.0160 3624 iaStor (07fb761600eff44af02c35b8b57e5863) C:\Windows\system32\drivers\iastor.sys
06:26:41.0160 3624 iaStor - ok
06:26:41.0207 3624 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
06:26:41.0207 3624 iaStorV - ok
06:26:41.0363 3624 idsvc (76ea63cdb2d88dae7209691d089bef1d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:26:41.0378 3624 idsvc - ok
06:26:42.0049 3624 igfx (f7ab8285bbecfaa5ed4050ccb89e073d) C:\Windows\system32\DRIVERS\igdkmd64.sys
06:26:42.0268 3624 igfx - ok
06:26:42.0408 3624 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
06:26:42.0408 3624 iirsp - ok
06:26:42.0502 3624 IKEEXT (3a3b232140c33376e134e7b61a0eaa44) C:\Windows\System32\ikeext.dll
06:26:42.0502 3624 IKEEXT - ok
06:26:42.0533 3624 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
06:26:42.0533 3624 intelide - ok
06:26:42.0564 3624 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
06:26:42.0564 3624 intelppm - ok
06:26:42.0580 3624 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
06:26:42.0580 3624 IPBusEnum - ok
06:26:42.0611 3624 IpFilterDriver (99b821f5bebd6a3cc3fe564f802ae0fd) C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:26:42.0611 3624 IpFilterDriver - ok
06:26:42.0673 3624 iphlpsvc (3a0427f35e7f8c16bbc5b1be32b8de76) C:\Windows\System32\iphlpsvc.dll
06:26:42.0673 3624 iphlpsvc - ok
06:26:42.0689 3624 IpInIp - ok
06:26:42.0720 3624 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
06:26:42.0720 3624 IPMIDRV - ok
06:26:42.0751 3624 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
06:26:42.0767 3624 IPNAT - ok
06:26:42.0782 3624 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
06:26:42.0782 3624 IRENUM - ok
06:26:42.0814 3624 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
06:26:42.0814 3624 isapnp - ok
06:26:42.0860 3624 iScsiPrt (49e4ccbf74783fce5d2cc1ff6480e1f4) C:\Windows\system32\DRIVERS\msiscsi.sys
06:26:42.0860 3624 iScsiPrt - ok
06:26:42.0876 3624 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
06:26:42.0892 3624 iteatapi - ok
06:26:42.0892 3624 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
06:26:42.0892 3624 iteraid - ok
06:26:42.0923 3624 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
06:26:42.0923 3624 kbdclass - ok
06:26:42.0938 3624 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
06:26:42.0938 3624 kbdhid - ok
06:26:42.0970 3624 KeyIso (80f4593e92ff960e4763380d3168e498) C:\Windows\system32\lsass.exe
06:26:42.0970 3624 KeyIso - ok
06:26:43.0016 3624 KSecDD (ccdcce6224e1e207e953af826b98a9d9) C:\Windows\system32\Drivers\ksecdd.sys
06:26:43.0016 3624 KSecDD - ok
06:26:43.0032 3624 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
06:26:43.0032 3624 ksthunk - ok
06:26:43.0094 3624 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
06:26:43.0110 3624 KtmRm - ok
06:26:43.0157 3624 LanmanServer (3f27c9cdae606d74431e3ab39571a7f3) C:\Windows\System32\srvsvc.dll
06:26:43.0157 3624 LanmanServer - ok
06:26:43.0219 3624 LanmanWorkstation (6e25ffc6fead6544c6e9f1d23329570c) C:\Windows\System32\wkssvc.dll
06:26:43.0219 3624 LanmanWorkstation - ok
06:26:43.0656 3624 LeapFrog Connect Device Service (3c879d04bb6466e2853c3155b635cc45) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
06:26:43.0718 3624 LeapFrog Connect Device Service - ok
06:26:43.0859 3624 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
06:26:43.0859 3624 lltdio - ok
06:26:43.0906 3624 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
06:26:43.0921 3624 lltdsvc - ok
06:26:43.0937 3624 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
06:26:43.0937 3624 lmhosts - ok
06:26:44.0046 3624 LMIGuardianSvc (108c2e48b280a7cc38bad76165715647) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
06:26:44.0046 3624 LMIGuardianSvc - ok
06:26:44.0077 3624 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
06:26:44.0077 3624 LMIInfo - ok
06:26:44.0108 3624 LMIMaint (4fa9fb8819e8e6f012853d4bbc9592a7) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
06:26:44.0108 3624 LMIMaint - ok
06:26:44.0140 3624 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
06:26:44.0140 3624 lmimirr - ok
06:26:44.0140 3624 LMIRfsClientNP - ok
06:26:44.0155 3624 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
06:26:44.0155 3624 LMIRfsDriver - ok
06:26:44.0218 3624 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
06:26:44.0233 3624 LogMeIn - ok
06:26:44.0280 3624 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
06:26:44.0280 3624 LSI_FC - ok
06:26:44.0296 3624 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
06:26:44.0296 3624 LSI_SAS - ok
06:26:44.0342 3624 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
06:26:44.0342 3624 LSI_SCSI - ok
06:26:44.0358 3624 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
06:26:44.0374 3624 luafv - ok
06:26:44.0420 3624 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
06:26:44.0420 3624 MBAMProtector - ok
06:26:44.0545 3624 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
06:26:44.0561 3624 MBAMService - ok
06:26:44.0623 3624 McAfee SiteAdvisor Service - ok
06:26:44.0654 3624 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
06:26:44.0654 3624 Mcx2Svc - ok
06:26:44.0701 3624 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
06:26:44.0717 3624 megasas - ok
06:26:44.0779 3624 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
06:26:44.0779 3624 MegaSR - ok
06:26:44.0810 3624 mfebopk (2064b902db521a23fca30dc256c2acca) C:\Windows\system32\drivers\mfebopk.sys
06:26:44.0810 3624 mfebopk - ok
06:26:44.0842 3624 mferkdk (624d717b11e5004f68442b5740f17f21) C:\Windows\system32\drivers\mferkdk.sys
06:26:44.0842 3624 mferkdk - ok
06:26:44.0873 3624 mfesmfk (0cd9de7b96735f33f078c4ea044e8b34) C:\Windows\system32\drivers\mfesmfk.sys
06:26:44.0888 3624 mfesmfk - ok
06:26:44.0920 3624 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
06:26:44.0920 3624 MMCSS - ok
06:26:44.0935 3624 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
06:26:44.0935 3624 Modem - ok
06:26:44.0966 3624 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
06:26:44.0966 3624 monitor - ok
06:26:44.0982 3624 motccgp (7bd101253058db30c52c6ea8d3911754) C:\Windows\system32\DRIVERS\motccgp.sys
06:26:44.0998 3624 motccgp - ok
06:26:45.0013 3624 motccgpfl (1a700e7063ca7f2b29a4e761da604dfb) C:\Windows\system32\DRIVERS\motccgpfl.sys
06:26:45.0013 3624 motccgpfl - ok
06:26:45.0060 3624 motmodem (940f4da752e28e6c4b1090d21aeb7b80) C:\Windows\system32\DRIVERS\motmodem.sys
06:26:45.0060 3624 motmodem - ok
06:26:45.0076 3624 motport (940f4da752e28e6c4b1090d21aeb7b80) C:\Windows\system32\DRIVERS\motport.sys
06:26:45.0076 3624 motport - ok
06:26:45.0091 3624 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
06:26:45.0091 3624 mouclass - ok
06:26:45.0138 3624 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
06:26:45.0138 3624 mouhid - ok
06:26:45.0154 3624 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
06:26:45.0154 3624 MountMgr - ok
06:26:45.0247 3624 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:26:45.0263 3624 MozillaMaintenance - ok
06:26:45.0310 3624 MPFP (ae2e68527013eb4f761eccc630f7f1a3) C:\Windows\system32\Drivers\Mpfp.sys
06:26:45.0310 3624 MPFP - ok
06:26:45.0341 3624 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
06:26:45.0356 3624 mpio - ok
06:26:45.0372 3624 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
06:26:45.0372 3624 mpsdrv - ok
06:26:45.0388 3624 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
06:26:45.0388 3624 Mraid35x - ok
06:26:45.0419 3624 MRxDAV (fe2706c15f8345c342820e4e4583fea0) C:\Windows\system32\drivers\mrxdav.sys
06:26:45.0419 3624 MRxDAV - ok
06:26:45.0497 3624 mrxsmb (b698eb9acc7ecd4927d99d268918f912) C:\Windows\system32\DRIVERS\mrxsmb.sys
06:26:45.0497 3624 mrxsmb - ok
06:26:45.0528 3624 mrxsmb10 (9a797e27fd28500ee13d43000c931435) C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:26:45.0544 3624 mrxsmb10 - ok
06:26:45.0559 3624 mrxsmb20 (f9425d610712533107a264e2d5b2154b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:26:45.0559 3624 mrxsmb20 - ok
06:26:45.0606 3624 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys
06:26:45.0606 3624 msahci - ok
06:26:45.0622 3624 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
06:26:45.0622 3624 msdsm - ok
06:26:45.0668 3624 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
06:26:45.0668 3624 MSDTC - ok
06:26:45.0700 3624 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
06:26:45.0700 3624 Msfs - ok
06:26:45.0731 3624 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
06:26:45.0731 3624 msisadrv - ok
06:26:45.0762 3624 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
06:26:45.0778 3624 MSiSCSI - ok
06:26:45.0778 3624 msiserver - ok
06:26:45.0809 3624 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
06:26:45.0809 3624 MSKSSRV - ok
06:26:45.0824 3624 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
06:26:45.0824 3624 MSPCLOCK - ok
06:26:45.0840 3624 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
06:26:45.0840 3624 MSPQM - ok
06:26:45.0887 3624 MsRPC (b8e32e6103fbba9fbb1d0c11ff0d13b5) C:\Windows\system32\drivers\MsRPC.sys
06:26:45.0887 3624 MsRPC - ok
06:26:45.0918 3624 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
06:26:45.0918 3624 mssmbios - ok
06:26:46.0012 3624 MSSQL$MSSMLBIZ - ok
06:26:46.0058 3624 MSSQL$XACTWARE - ok
06:26:46.0090 3624 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
06:26:46.0090 3624 MSSQLServerADHelper - ok
06:26:46.0183 3624 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
06:26:46.0183 3624 MSSQLServerADHelper100 - ok
06:26:46.0214 3624 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
06:26:46.0214 3624 MSTEE - ok
06:26:46.0246 3624 Mup (ddf133501f68d6988a0f55dfa88637b4) C:\Windows\system32\Drivers\mup.sys
06:26:46.0261 3624 Mup - ok
06:26:46.0308 3624 napagent (c25022cdd18980846973b598900915f8) C:\Windows\system32\qagentRT.dll
06:26:46.0324 3624 napagent - ok
06:26:46.0355 3624 NativeWifiP (73b99c98fa3a2ed1566e02d6fe1913a5) C:\Windows\system32\DRIVERS\nwifi.sys
06:26:46.0370 3624 NativeWifiP - ok
06:26:46.0448 3624 NDIS (f9a3ae5c9f047d71a36a99f9abca7d02) C:\Windows\system32\drivers\ndis.sys
06:26:46.0464 3624 NDIS - ok
06:26:46.0480 3624 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
06:26:46.0480 3624 NdisTapi - ok
06:26:46.0511 3624 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
06:26:46.0511 3624 Ndisuio - ok
06:26:46.0558 3624 NdisWan (52e3e8e35101399be9b2938c992aa087) C:\Windows\system32\DRIVERS\ndiswan.sys
06:26:46.0573 3624 NdisWan - ok
06:26:46.0573 3624 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
06:26:46.0589 3624 NDProxy - ok
06:26:46.0636 3624 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
06:26:46.0636 3624 Net Driver HPZ12 - ok
06:26:46.0651 3624 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
06:26:46.0651 3624 NetBIOS - ok
06:26:46.0682 3624 netbt (7a29ca243a629230799754162d80120f) C:\Windows\system32\DRIVERS\netbt.sys
06:26:46.0682 3624 netbt - ok
06:26:46.0729 3624 Netlogon (80f4593e92ff960e4763380d3168e498) C:\Windows\system32\lsass.exe
06:26:46.0729 3624 Netlogon - ok
06:26:46.0776 3624 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
06:26:46.0792 3624 Netman - ok
06:26:46.0823 3624 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
06:26:46.0838 3624 netprofm - ok
06:26:46.0948 3624 NetTcpPortSharing (b84613b469b98e09f50a748c1d02e132) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
06:26:46.0948 3624 NetTcpPortSharing - ok
06:26:47.0260 3624 NETw5v64 (f17eda58c8c5b1a4f873b322729168ff) C:\Windows\system32\DRIVERS\NETw5v64.sys
06:26:47.0353 3624 NETw5v64 - ok
06:26:47.0494 3624 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
06:26:47.0494 3624 nfrd960 - ok
06:26:47.0525 3624 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
06:26:47.0540 3624 NlaSvc - ok
06:26:47.0618 3624 nosGetPlusHelper (1acf98d80e95add298832c7a8996b48c) C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll
06:26:47.0618 3624 nosGetPlusHelper - ok
06:26:47.0650 3624 Npfs (b06154e2a2c91e9be5599fca53bc4cd0) C:\Windows\system32\drivers\Npfs.sys
06:26:47.0650 3624 Npfs - ok
06:26:47.0665 3624 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
06:26:47.0665 3624 nsi - ok
06:26:47.0712 3624 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
06:26:47.0712 3624 nsiproxy - ok
06:26:47.0806 3624 Ntfs (fe86ba5ac3b50e2ca911e9c60c07b638) C:\Windows\system32\drivers\Ntfs.sys
06:26:47.0837 3624 Ntfs - ok
06:26:47.0977 3624 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
06:26:47.0977 3624 Null - ok
06:26:48.0008 3624 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
06:26:48.0008 3624 nvraid - ok
06:26:48.0040 3624 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
06:26:48.0040 3624 nvstor - ok
06:26:48.0055 3624 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
06:26:48.0055 3624 nv_agp - ok
06:26:48.0071 3624 NwlnkFlt - ok
06:26:48.0071 3624 NwlnkFwd - ok
06:26:48.0118 3624 OA009Ufd (404b0121ae1a75d9a63b6934eb07c258) C:\Windows\system32\DRIVERS\OA009Ufd.sys
06:26:48.0118 3624 OA009Ufd - ok
06:26:48.0149 3624 OA009Vid (d460884eb05b90d06b35a1dbc31928df) C:\Windows\system32\DRIVERS\OA009Vid.sys
06:26:48.0164 3624 OA009Vid - ok
06:26:48.0196 3624 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
06:26:48.0211 3624 ohci1394 - ok
06:26:48.0305 3624 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:26:48.0305 3624 ose - ok
06:26:48.0710 3624 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
06:26:48.0742 3624 osppsvc - ok
06:26:48.0944 3624 p2pimsvc (430f35c5592d253f43a26b4f5a523dbf) C:\Windows\system32\p2psvc.dll
06:26:48.0960 3624 p2pimsvc - ok
06:26:48.0976 3624 p2psvc (430f35c5592d253f43a26b4f5a523dbf) C:\Windows\system32\p2psvc.dll
06:26:48.0991 3624 p2psvc - ok
06:26:49.0054 3624 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
06:26:49.0054 3624 Parport - ok
06:26:49.0085 3624 partmgr (5ab40c36894f4c06bdab0c9a2fba282d) C:\Windows\system32\drivers\partmgr.sys
06:26:49.0085 3624 partmgr - ok
06:26:49.0132 3624 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
06:26:49.0132 3624 PcaSvc - ok
06:26:49.0147 3624 PCD5SRVC{048DBD20-445E8C82-05040104} - ok
06:26:49.0178 3624 pci (2a5b2a51559066ea84742909b5b2cd69) C:\Windows\system32\drivers\pci.sys
06:26:49.0178 3624 pci - ok
06:26:49.0194 3624 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
06:26:49.0194 3624 pciide - ok
06:26:49.0241 3624 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
06:26:49.0241 3624 pcmcia - ok
06:26:49.0303 3624 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
06:26:49.0303 3624 PEAUTH - ok
06:26:49.0397 3624 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
06:26:49.0397 3624 PerfHost - ok
06:26:49.0522 3624 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
06:26:49.0553 3624 pla - ok
06:26:49.0615 3624 PlugPlay (5aaa0c5534b05ed49919fcd9dbd11a5b) C:\Windows\system32\umpnpmgr.dll
06:26:49.0615 3624 PlugPlay - ok
06:26:49.0662 3624 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
06:26:49.0662 3624 Pml Driver HPZ12 - ok
06:26:49.0740 3624 PNRPAutoReg (430f35c5592d253f43a26b4f5a523dbf) C:\Windows\system32\p2psvc.dll
06:26:49.0740 3624 PNRPAutoReg - ok
06:26:49.0756 3624 PNRPsvc (430f35c5592d253f43a26b4f5a523dbf) C:\Windows\system32\p2psvc.dll
06:26:49.0771 3624 PNRPsvc - ok
06:26:49.0834 3624 PolicyAgent (eef3688d5e9592cbbbed00de71dda1ef) C:\Windows\System32\ipsecsvc.dll
06:26:49.0834 3624 PolicyAgent - ok
06:26:49.0912 3624 PptpMiniport (f5739f2c6db2534c384ad5150808e8f5) C:\Windows\system32\DRIVERS\raspptp.sys
06:26:49.0927 3624 PptpMiniport - ok
06:26:49.0943 3624 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
06:26:49.0943 3624 Processor - ok
06:26:49.0974 3624 ProfSvc (b21fe10dad3ab59e78df7aa3fbf41e70) C:\Windows\system32\profsvc.dll
06:26:49.0990 3624 ProfSvc - ok
06:26:50.0021 3624 ProtectedStorage (80f4593e92ff960e4763380d3168e498) C:\Windows\system32\lsass.exe
06:26:50.0021 3624 ProtectedStorage - ok
06:26:50.0036 3624 PSched (0e0e205a296095fe4c631e6a4775ad6c) C:\Windows\system32\DRIVERS\pacer.sys
06:26:50.0036 3624 PSched - ok
06:26:50.0099 3624 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
06:26:50.0099 3624 PxHlpa64 - ok
06:26:50.0208 3624 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
06:26:50.0224 3624 ql2300 - ok
06:26:50.0239 3624 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
06:26:50.0239 3624 ql40xx - ok
06:26:50.0302 3624 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
06:26:50.0302 3624 QWAVE - ok
06:26:50.0317 3624 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
06:26:50.0317 3624 QWAVEdrv - ok
06:26:50.0520 3624 R300 (2a09a6b271d1f50adf5e33b37d460de6) C:\Windows\system32\DRIVERS\atikmdag.sys
06:26:50.0551 3624 R300 - ok
06:26:50.0692 3624 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
06:26:50.0692 3624 RasAcd - ok
06:26:50.0723 3624 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
06:26:50.0723 3624 RasAuto - ok
06:26:50.0754 3624 Rasl2tp (3b9085f91ef00abd15a6f36570e90e12) C:\Windows\system32\DRIVERS\rasl2tp.sys
06:26:50.0754 3624 Rasl2tp - ok
06:26:50.0801 3624 RasMan (d0c346d7df0df9b4899631796f177d56) C:\Windows\System32\rasmans.dll
06:26:50.0801 3624 RasMan - ok
06:26:50.0832 3624 RasPppoe (2ce1703c27196094fb6e4c6e439f2c21) C:\Windows\system32\DRIVERS\raspppoe.sys
06:26:50.0832 3624 RasPppoe - ok
06:26:50.0848 3624 RasSstp (fcd04fa67e8b40fa0ad361dd38593942) C:\Windows\system32\DRIVERS\rassstp.sys
06:26:50.0848 3624 RasSstp - ok
06:26:50.0894 3624 rdbss (33fa5b6136d92ee0f53f021c79091300) C:\Windows\system32\DRIVERS\rdbss.sys
06:26:50.0894 3624 rdbss - ok
06:26:50.0894 3624 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
06:26:50.0910 3624 RDPCDD - ok
06:26:50.0957 3624 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
06:26:50.0957 3624 rdpdr - ok
06:26:50.0957 3624 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
06:26:50.0972 3624 RDPENCDD - ok
06:26:51.0004 3624 RDPWD (7747082f672aa2846235c9cea42e2e72) C:\Windows\system32\drivers\RDPWD.sys
06:26:51.0004 3624 RDPWD - ok
06:26:51.0035 3624 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
06:26:51.0035 3624 RemoteAccess - ok
06:26:51.0097 3624 RemoteRegistry (416c611369cbe49074b89cee2f83abef) C:\Windows\system32\regsvc.dll
06:26:51.0097 3624 RemoteRegistry - ok
06:26:51.0113 3624 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
06:26:51.0113 3624 RpcLocator - ok
06:26:51.0191 3624 RpcSs (52cdade8289ff21f1f2215ff51a5f36c) C:\Windows\system32\rpcss.dll
06:26:51.0191 3624 RpcSs - ok
06:26:51.0222 3624 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
06:26:51.0238 3624 rspndr - ok
06:26:51.0269 3624 RTSTOR (39e74e264338934dbf11f8db79a3e116) C:\Windows\system32\drivers\RTSTOR64.SYS
06:26:51.0269 3624 RTSTOR - ok
06:26:51.0300 3624 SamSs (80f4593e92ff960e4763380d3168e498) C:\Windows\system32\lsass.exe
06:26:51.0300 3624 SamSs - ok
06:26:51.0316 3624 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
06:26:51.0331 3624 sbp2port - ok
06:26:51.0362 3624 SCardSvr (f024d560fea06f8b56d673849eb89ae6) C:\Windows\System32\SCardSvr.dll
06:26:51.0362 3624 SCardSvr - ok
06:26:51.0456 3624 Schedule (ce75d26e0a1106129f4d156851e298ed) C:\Windows\system32\schedsvc.dll
06:26:51.0472 3624 Schedule - ok
06:26:51.0503 3624 SCPolicySvc (edfffc8b6afb609bf33dbe0a900426b6) C:\Windows\System32\certprop.dll
06:26:51.0518 3624 SCPolicySvc - ok
06:26:51.0534 3624 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
06:26:51.0534 3624 SDRSVC - ok
06:26:51.0565 3624 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
06:26:51.0565 3624 secdrv - ok
06:26:51.0612 3624 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
06:26:51.0612 3624 seclogon - ok
06:26:51.0659 3624 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
06:26:51.0659 3624 SENS - ok
06:26:51.0659 3624 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
06:26:51.0674 3624 Serenum - ok
06:26:51.0690 3624 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
06:26:51.0690 3624 Serial - ok
06:26:51.0706 3624 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
06:26:51.0706 3624 sermouse - ok
06:26:51.0752 3624 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
06:26:51.0752 3624 SessionEnv - ok
06:26:51.0784 3624 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
06:26:51.0784 3624 sffdisk - ok
06:26:51.0799 3624 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
06:26:51.0799 3624 sffp_mmc - ok
06:26:51.0815 3624 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
06:26:51.0815 3624 sffp_sd - ok
06:26:51.0830 3624 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
06:26:51.0830 3624 sfloppy - ok
06:26:51.0877 3624 ShellHWDetection (9235ec680d3db17464b39c7c7decb4dd) C:\Windows\System32\shsvcs.dll
06:26:51.0877 3624 ShellHWDetection - ok
06:26:51.0908 3624 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
06:26:51.0908 3624 SiSRaid2 - ok
06:26:51.0940 3624 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
06:26:51.0940 3624 SiSRaid4 - ok
06:26:52.0096 3624 slsvc (a301d2cefb4747dfe0c24425dcbe0b78) C:\Windows\system32\SLsvc.exe
06:26:52.0142 3624 slsvc - ok
06:26:52.0267 3624 SLUINotify (f5ddf7c0af85eb72cb295171f8c3cb35) C:\Windows\system32\SLUINotify.dll
06:26:52.0267 3624 SLUINotify - ok
06:26:52.0330 3624 Smb (41eb2e8e005feedcafce301983eff932) C:\Windows\system32\DRIVERS\smb.sys
06:26:52.0330 3624 Smb - ok
06:26:52.0345 3624 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
06:26:52.0361 3624 SNMPTRAP - ok
06:26:52.0361 3624 spldr (f9cb0672162f7f04248e2b82c1ff4617) C:\Windows\system32\drivers\spldr.sys
06:26:52.0361 3624 spldr - ok
06:26:52.0408 3624 Spooler (92e6738d25c2123be9515c0eac0776cd) C:\Windows\System32\spoolsv.exe
06:26:52.0423 3624 Spooler - ok
06:26:52.0564 3624 SQLAgent$MSSMLBIZ (a687b5b326afcfcf182c4931d1ff9771) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE
06:26:52.0579 3624 SQLAgent$MSSMLBIZ - ok
06:26:52.0657 3624 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
06:26:52.0657 3624 SQLBrowser - ok
06:26:52.0735 3624 SQLWriter (6d65985945b03ca59b67d0b73702fc7b) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
06:26:52.0735 3624 SQLWriter - ok
06:26:52.0829 3624 srv (a8abd7d0d907b45cf3831f4dd8644349) C:\Windows\system32\DRIVERS\srv.sys
06:26:52.0844 3624 srv - ok
06:26:52.0907 3624 srv2 (6c72eea39e1c37b436a6d1532999f9ec) C:\Windows\system32\DRIVERS\srv2.sys
06:26:52.0922 3624 srv2 - ok
06:26:52.0938 3624 srvnet (7f69bcf9e6fa3d93c82ee6b87812666d) C:\Windows\system32\DRIVERS\srvnet.sys
06:26:52.0938 3624 srvnet - ok
06:26:52.0985 3624 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
06:26:52.0985 3624 SSDPSRV - ok
06:26:53.0032 3624 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
06:26:53.0032 3624 SstpSvc - ok
06:26:53.0125 3624 STacSV (c5df63ae2693c9b6b01b4a2e6c1c64ac) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
06:26:53.0141 3624 STacSV - ok
06:26:53.0203 3624 STHDA (ba16447226abfd342e130d2f24f73d32) C:\Windows\system32\DRIVERS\stwrt64.sys
06:26:53.0203 3624 STHDA - ok
06:26:53.0250 3624 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
06:26:53.0250 3624 StillCam - ok
06:26:53.0328 3624 stisvc (f14f7d7d68a66777fb999d5d0f21138d) C:\Windows\System32\wiaservc.dll
06:26:53.0328 3624 stisvc - ok
06:26:53.0437 3624 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
06:26:53.0437 3624 stllssvr - ok
06:26:53.0468 3624 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
06:26:53.0468 3624 swenum - ok
06:26:53.0531 3624 swprv (da34d6eb4a3154c0bebaeb0a2483ef3e) C:\Windows\System32\swprv.dll
06:26:53.0546 3624 swprv - ok
06:26:53.0562 3624 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
06:26:53.0562 3624 Symc8xx - ok
06:26:53.0624 3624 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
06:26:53.0624 3624 Sym_hi - ok
06:26:53.0640 3624 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
06:26:53.0640 3624 Sym_u3 - ok
06:26:53.0734 3624 SysMain (bea0d5521ed21df8f6ffeed86daede7b) C:\Windows\system32\sysmain.dll
06:26:53.0749 3624 SysMain - ok
06:26:53.0780 3624 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
06:26:53.0780 3624 TabletInputService - ok
06:26:53.0812 3624 TapiSrv (52091001caf20ae84cf47023ee21b4bb) C:\Windows\System32\tapisrv.dll
06:26:53.0812 3624 TapiSrv - ok
06:26:53.0843 3624 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
06:26:53.0858 3624 TBS - ok
06:26:53.0968 3624 Tcpip (7d86275fb640011b372fd566c0eafa8d) C:\Windows\system32\drivers\tcpip.sys
06:26:53.0999 3624 Tcpip - ok
06:26:54.0014 3624 Tcpip6 (7d86275fb640011b372fd566c0eafa8d) C:\Windows\system32\DRIVERS\tcpip.sys
06:26:54.0030 3624 Tcpip6 - ok
06:26:54.0061 3624 tcpipreg (c29d4b3b08ad0b7e8564814e4ff6a57b) C:\Windows\system32\drivers\tcpipreg.sys
06:26:54.0061 3624 tcpipreg - ok
06:26:54.0092 3624 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
06:26:54.0092 3624 TDPIPE - ok
06:26:54.0108 3624 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
06:26:54.0108 3624 TDTCP - ok
06:26:54.0139 3624 tdx (8c39c72e0e853de04748c0337d9b9216) C:\Windows\system32\DRIVERS\tdx.sys
06:26:54.0139 3624 tdx - ok
06:26:54.0155 3624 TermDD (3f0ebf6ee609f2a276c0d5faf244ec90) C:\Windows\system32\DRIVERS\termdd.sys
06:26:54.0155 3624 TermDD - ok
06:26:54.0217 3624 TermService (f870a5589d6a94b426efb13689023946) C:\Windows\System32\termsrv.dll
06:26:54.0233 3624 TermService - ok
06:26:54.0264 3624 Themes (9235ec680d3db17464b39c7c7decb4dd) C:\Windows\system32\shsvcs.dll
06:26:54.0264 3624 Themes - ok
06:26:54.0311 3624 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
06:26:54.0311 3624 THREADORDER - ok
06:26:54.0342 3624 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
06:26:54.0342 3624 TrkWks - ok
06:26:54.0389 3624 TrustedInstaller (ac6ff1df22ed90bad6417ee5a4c6e2f0) C:\Windows\servicing\TrustedInstaller.exe
06:26:54.0389 3624 TrustedInstaller - ok
06:26:54.0420 3624 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
06:26:54.0420 3624 tssecsrv - ok
06:26:54.0451 3624 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
06:26:54.0451 3624 tunmp - ok
06:26:54.0498 3624 tunnel (2dc2c423572946e9a3131425bda73cb6) C:\Windows\system32\DRIVERS\tunnel.sys
06:26:54.0498 3624 tunnel - ok
06:26:54.0529 3624 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
06:26:54.0529 3624 uagp35 - ok
06:26:54.0576 3624 udfs (eca6629e33f122afff18a2ab7c3eb033) C:\Windows\system32\DRIVERS\udfs.sys
06:26:54.0576 3624 udfs - ok
06:26:54.0638 3624 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
06:26:54.0638 3624 UI0Detect - ok
06:26:54.0670 3624 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
06:26:54.0670 3624 uliagpkx - ok
06:26:54.0716 3624 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
06:26:54.0716 3624 uliahci - ok
06:26:54.0748 3624 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
06:26:54.0748 3624 UlSata - ok
06:26:54.0779 3624 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
06:26:54.0779 3624 ulsata2 - ok
06:26:54.0794 3624 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
06:26:54.0794 3624 umbus - ok
06:26:54.0857 3624 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
06:26:54.0857 3624 upnphost - ok
06:26:54.0904 3624 usbaudio (471474efa0640b426e9f8aa5a5fc2673) C:\Windows\system32\drivers\usbaudio.sys
06:26:54.0919 3624 usbaudio - ok
06:26:54.0966 3624 usbccgp (ae3dea342f01249317b2bb3df0424238) C:\Windows\system32\DRIVERS\usbccgp.sys
06:26:54.0966 3624 usbccgp - ok
06:26:54.0997 3624 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
06:26:54.0997 3624 usbcir - ok
06:26:55.0028 3624 usbehci (b89f9fe9fc1e7c9cb03acb8819eb511d) C:\Windows\system32\DRIVERS\usbehci.sys
06:26:55.0028 3624 usbehci - ok
06:26:55.0075 3624 usbhub (f2c1d8eff9c7cf84ff0235408acd3f4b) C:\Windows\system32\DRIVERS\usbhub.sys
06:26:55.0075 3624 usbhub - ok
06:26:55.0122 3624 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
06:26:55.0122 3624 usbohci - ok
06:26:55.0153 3624 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
06:26:55.0153 3624 usbprint - ok
06:26:55.0200 3624 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
06:26:55.0200 3624 usbscan - ok
06:26:55.0231 3624 USBSTOR (586d9876a4945779c8eea926c0d16889) C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:26:55.0247 3624 USBSTOR - ok
06:26:55.0262 3624 usbuhci (225e107785315874ba5c1abc7dda7bfc) C:\Windows\system32\DRIVERS\usbuhci.sys
06:26:55.0262 3624 usbuhci - ok
06:26:55.0309 3624 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
06:26:55.0309 3624 usbvideo - ok
06:26:55.0356 3624 usb_rndisx (567d09d1c41809550ece9ed22d6d612b) C:\Windows\system32\DRIVERS\usb8023x.sys
06:26:55.0356 3624 usb_rndisx - ok
06:26:55.0387 3624 UxSms (9190f03c82547afa87367f1ceca88f3b) C:\Windows\System32\uxsms.dll
06:26:55.0387 3624 UxSms - ok
06:26:55.0434 3624 vds (c15a4a550cba7b9f1f68b72528e04ce1) C:\Windows\System32\vds.exe
06:26:55.0450 3624 vds - ok
06:26:55.0481 3624 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
06:26:55.0481 3624 vga - ok
06:26:55.0512 3624 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
06:26:55.0512 3624 VgaSave - ok
06:26:55.0528 3624 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
06:26:55.0528 3624 viaide - ok
06:26:55.0559 3624 volmgr (793d9b32a1c462c91f6f70358283ac97) C:\Windows\system32\drivers\volmgr.sys
06:26:55.0559 3624 volmgr - ok
06:26:55.0590 3624 volmgrx (5aa217da5dc4ff5b9ac9ab86563b3223) C:\Windows\system32\drivers\volmgrx.sys
06:26:55.0606 3624 volmgrx - ok
06:26:55.0621 3624 volsnap (de4307412d98050239026e56a7dff3c0) C:\Windows\system32\drivers\volsnap.sys
06:26:55.0637 3624 volsnap - ok
06:26:55.0684 3624 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
06:26:55.0699 3624 vsmraid - ok
06:26:55.0808 3624 VSS (186bd53f8a408ad20f5a056c05678629) C:\Windows\system32\vssvc.exe
06:26:55.0840 3624 VSS - ok
06:26:55.0886 3624 W32Time (ba29f34a61cb55c0dee29e787542edf4) C:\Windows\system32\w32time.dll
06:26:55.0886 3624 W32Time - ok
06:26:55.0949 3624 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
06:26:55.0949 3624 WacomPen - ok
06:26:55.0980 3624 Wanarp (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
06:26:55.0980 3624 Wanarp - ok
06:26:55.0996 3624 Wanarpv6 (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
06:26:55.0996 3624 Wanarpv6 - ok
06:26:56.0058 3624 wcncsvc (055449247c490e24b968b44fe8a969eb) C:\Windows\System32\wcncsvc.dll
06:26:56.0074 3624 wcncsvc - ok
06:26:56.0089 3624 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
06:26:56.0089 3624 WcsPlugInService - ok
06:26:56.0136 3624 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
06:26:56.0136 3624 Wd - ok
06:26:56.0183 3624 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
06:26:56.0183 3624 WDC_SAM - ok
06:26:56.0245 3624 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
06:26:56.0261 3624 Wdf01000 - ok
06:26:56.0276 3624 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
06:26:56.0276 3624 WdiServiceHost - ok
06:26:56.0292 3624 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
06:26:56.0292 3624 WdiSystemHost - ok
06:26:56.0339 3624 WebClient (3d4ab55f8178fd0cd3ca45cd0ec9cf5b) C:\Windows\System32\webclnt.dll
06:26:56.0354 3624 WebClient - ok
06:26:56.0401 3624 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
06:26:56.0401 3624 Wecsvc - ok
06:26:56.0417 3624 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
06:26:56.0417 3624 wercplsupport - ok
06:26:56.0448 3624 WerSvc (fc25242b3bcaf7e84d9184082274ae08) C:\Windows\System32\WerSvc.dll
06:26:56.0464 3624 WerSvc - ok
06:26:56.0510 3624 WinDefend - ok
06:26:56.0526 3624 WinHttpAutoProxySvc - ok
06:26:56.0588 3624 Winmgmt (ac98f38feab066a8f983d54ff3f4fd4c) C:\Windows\system32\wbem\WMIsvc.dll
06:26:56.0588 3624 Winmgmt - ok
06:26:56.0744 3624 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
06:26:56.0776 3624 WinRM - ok
06:26:56.0932 3624 Wlansvc (0a69955261c1b54206adc9beb89517de) C:\Windows\System32\wlansvc.dll
06:26:56.0947 3624 Wlansvc - ok
06:26:57.0010 3624 WmiAcpi (7999dfb1c555efc0db69576f70027867) C:\Windows\system32\DRIVERS\wmiacpi.sys
06:26:57.0010 3624 WmiAcpi - ok
06:26:57.0088 3624 wmiApSrv (d303322dd577c3deda1251ed2e7a496c) C:\Windows\system32\wbem\WmiApSrv.exe
06:26:57.0088 3624 wmiApSrv - ok
06:26:57.0134 3624 WMPNetworkSvc - ok
06:26:57.0181 3624 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
06:26:57.0181 3624 WPCSvc - ok
06:26:57.0212 3624 WPDBusEnum (a27c8f92d84e2ddc151978e4692c978e) C:\Windows\system32\wpdbusenum.dll
06:26:57.0212 3624 WPDBusEnum - ok
06:26:57.0400 3624 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
06:26:57.0415 3624 WPFFontCache_v0400 - ok
06:26:57.0462 3624 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
06:26:57.0462 3624 ws2ifsl - ok
06:26:57.0509 3624 wscsvc (cb8ea6d95949384925ccfca21cc6dfd8) C:\Windows\system32\wscsvc.dll
06:26:57.0509 3624 wscsvc - ok
06:26:57.0509 3624 WSearch - ok
06:26:57.0696 3624 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
06:26:57.0727 3624 wuauserv - ok
06:26:57.0883 3624 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
06:26:57.0883 3624 WUDFRd - ok
06:26:57.0914 3624 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
06:26:57.0914 3624 wudfsvc - ok
06:26:57.0946 3624 yksvc - ok
06:26:57.0992 3624 yukonx64 (b681cadb266b151061e7baa82b0d77b7) C:\Windows\system32\DRIVERS\yk60x64.sys
06:26:57.0992 3624 yukonx64 - ok
06:26:58.0024 3624 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
06:26:58.0585 3624 \Device\Harddisk0\DR0 - ok
06:26:58.0601 3624 Boot (0x1200) (369490361fd77503299eb2caecb2e6ed) \Device\Harddisk0\DR0\Partition0
06:26:58.0601 3624 \Device\Harddisk0\DR0\Partition0 - ok
06:26:58.0616 3624 Boot (0x1200) (40bb0420a4aab2904e919c66049fee8e) \Device\Harddisk0\DR0\Partition1
06:26:58.0616 3624 \Device\Harddisk0\DR0\Partition1 - ok
06:26:58.0616 3624 ============================================================
06:26:58.0616 3624 Scan finished
06:26:58.0616 3624 ============================================================
06:26:58.0648 0604 Detected object count: 0
06:26:58.0648 0604 Actual detected object count: 0
06:27:28.0912 5444 ============================================================
06:27:28.0912 5444 Scan started
06:27:28.0912 5444 Mode: Manual; SigCheck; TDLFS;
06:27:28.0912 5444 ============================================================
06:27:29.0099 5444 ACPI (af3a1aa81f875169dd9e55b1320057d6) C:\Windows\system32\drivers\acpi.sys
06:27:29.0270 5444 ACPI - ok
06:27:29.0426 5444 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:27:29.0442 5444 AdobeFlashPlayerUpdateSvc - ok
06:27:29.0504 5444 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
06:27:29.0536 5444 adp94xx - ok
06:27:29.0567 5444 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
06:27:29.0598 5444 adpahci - ok
06:27:29.0645 5444 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
06:27:29.0660 5444 adpu160m - ok
06:27:29.0692 5444 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
06:27:29.0707 5444 adpu320 - ok
06:27:29.0785 5444 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll
06:27:29.0941 5444 AeLookupSvc - ok
06:27:30.0019 5444 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
06:27:30.0097 5444 AESTFilters - ok
06:27:30.0175 5444 AFD (9bb97042fa331a0fb4bdd98b9280a50a) C:\Windows\system32\drivers\afd.sys
06:27:30.0269 5444 AFD - ok
06:27:30.0300 5444 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
06:27:30.0316 5444 agp440 - ok
06:27:30.0347 5444 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
06:27:30.0362 5444 aic78xx - ok
06:27:30.0378 5444 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe
06:27:30.0456 5444 ALG - ok
06:27:30.0487 5444 aliide (9544c2c55541c0c6bfd7b489d0e7d430) C:\Windows\system32\drivers\aliide.sys
06:27:30.0487 5444 aliide - ok
06:27:30.0518 5444 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
06:27:30.0534 5444 amdide - ok
06:27:30.0565 5444 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
06:27:30.0643 5444 AmdK8 - ok
06:27:30.0674 5444 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys
06:27:30.0846 5444 ApfiltrService - ok
06:27:30.0877 5444 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll
06:27:30.0955 5444 Appinfo - ok
06:27:31.0002 5444 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
06:27:31.0018 5444 arc - ok
06:27:31.0033 5444 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
06:27:31.0049 5444 arcsas - ok
06:27:31.0064 5444 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
06:27:31.0127 5444 AsyncMac - ok
06:27:31.0158 5444 atapi (f988bb0690cd660318037908e9b8dbf7) C:\Windows\system32\drivers\atapi.sys
06:27:31.0174 5444 atapi - ok
06:27:31.0220 5444 AudioEndpointBuilder (2a54b6a48ab6d2166271b05e9469326e) C:\Windows\System32\Audiosrv.dll
06:27:31.0298 5444 AudioEndpointBuilder - ok
06:27:31.0314 5444 AudioSrv (2a54b6a48ab6d2166271b05e9469326e) C:\Windows\System32\Audiosrv.dll
06:27:31.0376 5444 AudioSrv - ok
06:27:31.0439 5444 Auth Service (5fe758836d6654f818b478ce6934f66b) C:\Windows\system32\authServer.exe
06:27:31.0454 5444 Auth Service ( UnsignedFile.Multi.Generic ) - warning
06:27:31.0454 5444 Auth Service - detected UnsignedFile.Multi.Generic (1)
06:27:31.0548 5444 BcmSqlStartupSvc (2e552b658273b90251e0441631de2ca3) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
06:27:31.0564 5444 BcmSqlStartupSvc - ok
06:27:31.0657 5444 BFE (bc4737aaffa5964e4f8827c9b8c0eb8e) C:\Windows\System32\bfe.dll
06:27:31.0751 5444 BFE - ok
06:27:31.0813 5444 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
06:27:31.0876 5444 blbdrive - ok
06:27:31.0938 5444 bowser (f0f035fcec3554cc1b70c5611bd87951) C:\Windows\system32\DRIVERS\bowser.sys
06:27:32.0000 5444 bowser - ok
06:27:32.0016 5444 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
06:27:32.0078 5444 BrFiltLo - ok
06:27:32.0094 5444 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
06:27:32.0156 5444 BrFiltUp - ok
06:27:32.0172 5444 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
06:27:32.0266 5444 Browser - ok
06:27:32.0312 5444 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
06:27:32.0531 5444 Brserid - ok
06:27:32.0562 5444 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
06:27:32.0671 5444 BrSerWdm - ok
06:27:32.0702 5444 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
06:27:32.0796 5444 BrUsbMdm - ok
06:27:32.0812 5444 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
06:27:32.0921 5444 BrUsbSer - ok
06:27:32.0936 5444 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
06:27:33.0046 5444 BTHMODEM - ok
06:27:33.0061 5444 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
06:27:33.0139 5444 cdfs - ok
06:27:33.0155 5444 cdrom (3b2fb35363423ed60c8fbf15fc8680bd) C:\Windows\system32\DRIVERS\cdrom.sys
06:27:33.0233 5444 cdrom - ok
06:27:33.0264 5444 CertPropSvc (edfffc8b6afb609bf33dbe0a900426b6) C:\Windows\System32\certprop.dll
06:27:33.0342 5444 CertPropSvc - ok
06:27:33.0373 5444 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
06:27:33.0451 5444 circlass - ok
06:27:33.0498 5444 CLFS (c12c4ee07843b595036da0baa6317936) C:\Windows\system32\CLFS.sys
06:27:33.0514 5444 CLFS - ok
06:27:33.0592 5444 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:27:33.0607 5444 clr_optimization_v2.0.50727_32 - ok
06:27:33.0716 5444 clr_optimization_v2.0.50727_64 (fa58b51ed71c9133e141164eaa7c54eb) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:27:33.0732 5444 clr_optimization_v2.0.50727_64 - ok
06:27:33.0779 5444 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:27:33.0794 5444 clr_optimization_v4.0.30319_32 - ok
06:27:33.0841 5444 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:27:33.0857 5444 clr_optimization_v4.0.30319_64 - ok
06:27:33.0888 5444 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
06:27:33.0966 5444 CmBatt - ok
06:27:33.0997 5444 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
06:27:34.0013 5444 cmdide - ok
06:27:34.0028 5444 Compbatt (34a6aa82aa36c87fc8816f2097efa345) C:\Windows\system32\DRIVERS\compbatt.sys
06:27:34.0044 5444 Compbatt - ok
06:27:34.0044 5444 COMSysApp - ok
06:27:34.0153 5444 cpuz132 - ok
06:27:34.0169 5444 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
06:27:34.0184 5444 crcdisk - ok
06:27:34.0216 5444 CryptSvc (4374f784121d8b3bb466b03f5e5ebd33) C:\Windows\system32\cryptsvc.dll
06:27:34.0309 5444 CryptSvc - ok
06:27:34.0340 5444 CtClsFlt (fc1f55ba03832fbb0daf965f746c47bb) C:\Windows\system32\DRIVERS\CtClsFlt.sys
06:27:34.0372 5444 CtClsFlt - ok
06:27:34.0450 5444 DcomLaunch (52cdade8289ff21f1f2215ff51a5f36c) C:\Windows\system32\rpcss.dll
06:27:34.0559 5444 DcomLaunch - ok
06:27:34.0621 5444 DfsC (3725c43c9e90731eca651d506cc599a3) C:\Windows\system32\Drivers\dfsc.sys
06:27:34.0684 5444 DfsC - ok
06:27:34.0996 5444 DFSR (1781f99840979ee7b126c9073c377fd0) C:\Windows\system32\DFSR.exe
06:27:35.0136 5444 DFSR - ok
06:27:35.0261 5444 Dhcp (fdaa0edfcfb70cd529589ad654651b40) C:\Windows\System32\dhcpcsvc.dll
06:27:35.0354 5444 Dhcp - ok
06:27:35.0401 5444 disk (2dc415fc05fb8a079f896cbbacb19324) C:\Windows\system32\drivers\disk.sys
06:27:35.0417 5444 disk - ok
06:27:35.0479 5444 Dnscache (daf05293c1264e251d3a25e7e24b2ddf) C:\Windows\System32\dnsrslvr.dll
06:27:35.0542 5444 Dnscache - ok
06:27:35.0588 5444 dot3svc (cc661867677627f2911c2a4970dee0f1) C:\Windows\System32\dot3svc.dll
06:27:35.0682 5444 dot3svc - ok
06:27:35.0729 5444 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
06:27:35.0807 5444 Dot4 - ok
06:27:35.0822 5444 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
06:27:35.0885 5444 Dot4Print - ok
06:27:35.0900 5444 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
06:27:35.0963 5444 dot4usb - ok
06:27:36.0010 5444 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll
06:27:36.0103 5444 DPS - ok
06:27:36.0134 5444 drmkaud (97dc2a789c1be458976507846a1a8ced) C:\Windows\system32\drivers\drmkaud.sys
06:27:36.0197 5444 drmkaud - ok
06:27:36.0290 5444 DXGKrnl (412964040ce920ff83aff6b5b551bf99) C:\Windows\System32\drivers\dxgkrnl.sys
06:27:36.0368 5444 DXGKrnl - ok
06:27:36.0431 5444 e1express (17d40652ef3e55eeae187a89df40965a) C:\Windows\system32\DRIVERS\e1e6032e.sys
06:27:36.0509 5444 e1express - ok
06:27:36.0524 5444 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
06:27:36.0602 5444 E1G60 - ok
06:27:36.0634 5444 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll
06:27:36.0696 5444 EapHost - ok
06:27:36.0727 5444 Ecache (7343d950a34a95dcb7441642e3e6beef) C:\Windows\system32\drivers\ecache.sys
06:27:36.0743 5444 Ecache - ok
06:27:36.0805 5444 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe
06:27:36.0836 5444 ehRecvr - ok
06:27:36.0883 5444 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe
06:27:36.0914 5444 ehSched - ok
06:27:36.0946 5444 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll
06:27:36.0992 5444 ehstart - ok
06:27:37.0055 5444 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
06:27:37.0070 5444 elxstor - ok
06:27:37.0133 5444 EMDMgmt (e4eb76d0a8fc43db7f36302e1f33791f) C:\Windows\system32\emdmgmt.dll
06:27:37.0226 5444 EMDMgmt - ok
06:27:37.0242 5444 ErrDev (991fab6aa066e1214efb5b496fb7959a) C:\Windows\system32\drivers\errdev.sys
06:27:37.0304 5444 ErrDev - ok
06:27:37.0367 5444 EventSystem (6b1a97bf9fefbdc83f3c7c7d0f826c66) C:\Windows\system32\es.dll
06:27:37.0429 5444 EventSystem - ok
06:27:37.0492 5444 exfat (2a546b9a84658b0554b1ec35cd9adaf5) C:\Windows\system32\drivers\exfat.sys
06:27:37.0538 5444 exfat - ok
06:27:37.0585 5444 fastfat (fe731d345ed9eeabbc72a59b35941834) C:\Windows\system32\drivers\fastfat.sys
06:27:37.0648 5444 fastfat - ok
06:27:37.0663 5444 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
06:27:37.0741 5444 fdc - ok
06:27:37.0772 5444 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll
06:27:37.0835 5444 fdPHost - ok
06:27:37.0850 5444 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll
06:27:37.0944 5444 FDResPub - ok
06:27:37.0960 5444 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
06:27:37.0975 5444 FileInfo - ok
06:27:38.0006 5444 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
06:27:38.0053 5444 Filetrace - ok
06:27:38.0069 5444 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
06:27:38.0147 5444 flpydisk - ok
06:27:38.0194 5444 FltMgr (7dacf1a3a4219575070c6dc7c957428a) C:\Windows\system32\drivers\fltmgr.sys
06:27:38.0209 5444 FltMgr - ok
06:27:38.0240 5444 FlyUsb (6cd6bb45bd3e0eef6ce496bf52854ff1) C:\Windows\system32\DRIVERS\FlyUsb.sys
06:27:38.0287 5444 FlyUsb - ok
06:27:38.0350 5444 FontCache3.0.0.0 (73d0f1d32edae3dcc4e84468bf910add) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:27:38.0365 5444 FontCache3.0.0.0 - ok
06:27:38.0381 5444 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
06:27:38.0443 5444 Fs_Rec - ok
06:27:38.0474 5444 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
06:27:38.0490 5444 gagp30kx - ok
06:27:38.0568 5444 gpsvc (9e5b254d58232ec8921ec3c5a94c81ed) C:\Windows\System32\gpsvc.dll
06:27:38.0630 5444 gpsvc - ok
06:27:38.0755 5444 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:27:38.0771 5444 gupdate - ok
06:27:38.0771 5444 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:27:38.0786 5444 gupdatem - ok
06:27:38.0818 5444 HDAudBus (0c0d0f8a3ff09ecc81963d09ec6a0a84) C:\Windows\system32\DRIVERS\HDAudBus.sys
06:27:38.0896 5444 HDAudBus - ok
06:27:38.0911 5444 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
06:27:39.0005 5444 HidBth - ok
06:27:39.0036 5444 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
06:27:39.0130 5444 HidIr - ok
06:27:39.0161 5444 hidserv (77e34697087cfdbcfd9e0009704fb5af) C:\Windows\System32\hidserv.dll
06:27:39.0208 5444 hidserv - ok
06:27:39.0223 5444 HidUsb (128e2da8483fdd4dd0c7b3f9abd6f323) C:\Windows\system32\DRIVERS\hidusb.sys
06:27:39.0301 5444 HidUsb - ok
06:27:39.0332 5444 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
06:27:39.0410 5444 hkmsvc - ok
06:27:39.0426 5444 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
06:27:39.0442 5444 HpCISSs - ok
06:27:39.0566 5444 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
06:27:39.0598 5444 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
06:27:39.0598 5444 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
06:27:39.0644 5444 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
06:27:39.0660 5444 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
06:27:39.0660 5444 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
06:27:39.0754 5444 HPSLPSVC (d972f48d0ce396759b788693cd665926) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
06:27:39.0847 5444 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
06:27:39.0847 5444 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
06:27:40.0019 5444 HTTP (e690736da6c543f5d99c8fa27bea31db) C:\Windows\system32\drivers\HTTP.sys
06:27:40.0112 5444 HTTP - ok
06:27:40.0159 5444 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
06:27:40.0175 5444 i2omp - ok
06:27:40.0206 5444 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
06:27:40.0268 5444 i8042prt - ok
06:27:40.0424 5444 IAANTMON (7b96206e4bdd2fe582f0dbc46f5f410e) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
06:27:40.0440 5444 IAANTMON - ok
06:27:40.0502 5444 iaStor (07fb761600eff44af02c35b8b57e5863) C:\Windows\system32\drivers\iastor.sys
06:27:40.0518 5444 iaStor - ok
06:27:40.0596 5444 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
06:27:40.0612 5444 iaStorV - ok
06:27:40.0752 5444 idsvc (76ea63cdb2d88dae7209691d089bef1d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:27:40.0799 5444 idsvc - ok
06:27:41.0430 5444 igfx (f7ab8285bbecfaa5ed4050ccb89e073d) C:\Windows\system32\DRIVERS\igdkmd64.sys
06:27:41.0778 5444 igfx - ok
06:27:41.0929 5444 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
06:27:41.0944 5444 iirsp - ok
06:27:42.0007 5444 IKEEXT (3a3b232140c33376e134e7b61a0eaa44) C:\Windows\System32\ikeext.dll
06:27:42.0087 5444 IKEEXT - ok
06:27:42.0129 5444 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
06:27:42.0143 5444 intelide - ok
06:27:42.0166 5444 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
06:27:42.0216 5444 intelppm - ok
06:27:42.0251 5444 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
06:27:42.0305 5444 IPBusEnum - ok
06:27:42.0326 5444 IpFilterDriver (99b821f5bebd6a3cc3fe564f802ae0fd) C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:27:42.0363 5444 IpFilterDriver - ok
06:27:42.0400 5444 iphlpsvc (3a0427f35e7f8c16bbc5b1be32b8de76) C:\Windows\System32\iphlpsvc.dll
06:27:42.0438 5444 iphlpsvc - ok
06:27:42.0442 5444 IpInIp - ok
06:27:42.0478 5444 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
06:27:42.0515 5444 IPMIDRV - ok
06:27:42.0558 5444 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
06:27:42.0606 5444 IPNAT - ok
06:27:42.0621 5444 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
06:27:42.0674 5444 IRENUM - ok
06:27:42.0695 5444 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
06:27:42.0704 5444 isapnp - ok
06:27:42.0756 5444 iScsiPrt (49e4ccbf74783fce5d2cc1ff6480e1f4) C:\Windows\system32\DRIVERS\msiscsi.sys
06:27:42.0769 5444 iScsiPrt - ok
06:27:42.0795 5444 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
06:27:42.0803 5444 iteatapi - ok
06:27:42.0809 5444 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
06:27:42.0819 5444 iteraid - ok
06:27:42.0831 5444 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
06:27:42.0841 5444 kbdclass - ok
06:27:42.0855 5444 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
06:27:42.0937 5444 kbdhid - ok
06:27:42.0972 5444 KeyIso (80f4593e92ff960e4763380d3168e498) C:\Windows\system32\lsass.exe
06:27:43.0018 5444 KeyIso - ok
06:27:43.0069 5444 KSecDD (ccdcce6224e1e207e953af826b98a9d9) C:\Windows\system32\Drivers\ksecdd.sys
06:27:43.0099 5444 KSecDD - ok
06:27:43.0139 5444 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
06:27:43.0214 5444 ksthunk - ok
06:27:43.0278 5444 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
06:27:43.0361 5444 KtmRm - ok
06:27:43.0414 5444 LanmanServer (3f27c9cdae606d74431e3ab39571a7f3) C:\Windows\System32\srvsvc.dll
06:27:43.0481 5444 LanmanServer - ok
06:27:43.0513 5444 LanmanWorkstation (6e25ffc6fead6544c6e9f1d23329570c) C:\Windows\System32\wkssvc.dll
06:27:43.0561 5444 LanmanWorkstation - ok
06:27:44.0012 5444 LeapFrog Connect Device Service (3c879d04bb6466e2853c3155b635cc45) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
06:27:44.0196 5444 LeapFrog Connect Device Service - ok
06:27:44.0347 5444 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
06:27:44.0414 5444 lltdio - ok
06:27:44.0467 5444 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
06:27:44.0546 5444 lltdsvc - ok
06:27:44.0568 5444 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
06:27:44.0648 5444 lmhosts - ok
06:27:44.0781 5444 LMIGuardianSvc (108c2e48b280a7cc38bad76165715647) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
06:27:44.0802 5444 LMIGuardianSvc - ok
06:27:44.0808 5444 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
06:27:44.0819 5444 LMIInfo - ok
06:27:44.0852 5444 LMIMaint (4fa9fb8819e8e6f012853d4bbc9592a7) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
06:27:44.0865 5444 LMIMaint - ok
06:27:44.0880 5444 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
06:27:44.0890 5444 lmimirr - ok
06:27:44.0896 5444 LMIRfsClientNP - ok
06:27:44.0916 5444 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
06:27:44.0928 5444 LMIRfsDriver - ok
06:27:44.0975 5444 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
06:27:44.0995 5444 LogMeIn - ok
06:27:45.0044 5444 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
06:27:45.0060 5444 LSI_FC - ok
06:27:45.0077 5444 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
06:27:45.0093 5444 LSI_SAS - ok
06:27:45.0122 5444 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
06:27:45.0138 5444 LSI_SCSI - ok
06:27:45.0162 5444 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
06:27:45.0231 5444 luafv - ok
06:27:45.0261 5444 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
06:27:45.0276 5444 MBAMProtector - ok
06:27:45.0393 5444 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
06:27:45.0424 5444 MBAMService - ok
06:27:45.0473 5444 McAfee SiteAdvisor Service - ok
06:27:45.0554 5444 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
06:27:45.0590 5444 Mcx2Svc - ok
06:27:45.0623 5444 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
06:27:45.0638 5444 megasas - ok
06:27:45.0682 5444 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
06:27:45.0711 5444 MegaSR - ok
06:27:45.0742 5444 mfebopk (2064b902db521a23fca30dc256c2acca) C:\Windows\system32\drivers\mfebopk.sys
06:27:45.0754 5444 mfebopk - ok
06:27:45.0803 5444 mferkdk (624d717b11e5004f68442b5740f17f21) C:\Windows\system32\drivers\mferkdk.sys
06:27:45.0813 5444 mferkdk - ok
06:27:45.0859 5444 mfesmfk (0cd9de7b96735f33f078c4ea044e8b34) C:\Windows\system32\drivers\mfesmfk.sys
06:27:45.0870 5444 mfesmfk - ok
06:27:45.0895 5444 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
06:27:45.0968 5444 MMCSS - ok
06:27:45.0999 5444 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
06:27:46.0071 5444 Modem - ok
06:27:46.0105 5444 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
06:27:46.0159 5444 monitor - ok
06:27:46.0201 5444 motccgp (7bd101253058db30c52c6ea8d3911754) C:\Windows\system32\DRIVERS\motccgp.sys
06:27:46.0242 5444 motccgp - ok
06:27:46.0264 5444 motccgpfl (1a700e7063ca7f2b29a4e761da604dfb) C:\Windows\system32\DRIVERS\motccgpfl.sys
06:27:46.0288 5444 motccgpfl - ok
06:27:46.0313 5444 motmodem (940f4da752e28e6c4b1090d21aeb7b80) C:\Windows\system32\DRIVERS\motmodem.sys
06:27:46.0360 5444 motmodem - ok
06:27:46.0376 5444 motport (940f4da752e28e6c4b1090d21aeb7b80) C:\Windows\system32\DRIVERS\motport.sys
06:27:46.0400 5444 motport - ok
06:27:46.0430 5444 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
06:27:46.0444 5444 mouclass - ok
06:27:46.0510 5444 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
06:27:46.0583 5444 mouhid - ok
06:27:46.0616 5444 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
06:27:46.0633 5444 MountMgr - ok
06:27:46.0730 5444 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:27:46.0740 5444 MozillaMaintenance - ok
06:27:46.0772 5444 MPFP (ae2e68527013eb4f761eccc630f7f1a3) C:\Windows\system32\Drivers\Mpfp.sys
06:27:46.0781 5444 MPFP - ok
06:27:46.0825 5444 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
06:27:46.0835 5444 mpio - ok
06:27:46.0858 5444 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
06:27:46.0917 5444 mpsdrv - ok
06:27:46.0937 5444 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
06:27:46.0950 5444 Mraid35x - ok
06:27:46.0976 5444 MRxDAV (fe2706c15f8345c342820e4e4583fea0) C:\Windows\system32\drivers\mrxdav.sys
06:27:47.0047 5444 MRxDAV - ok
06:27:47.0090 5444 mrxsmb (b698eb9acc7ecd4927d99d268918f912) C:\Windows\system32\DRIVERS\mrxsmb.sys
06:27:47.0149 5444 mrxsmb - ok
06:27:47.0203 5444 mrxsmb10 (9a797e27fd28500ee13d43000c931435) C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:27:47.0249 5444 mrxsmb10 - ok
06:27:47.0260 5444 mrxsmb20 (f9425d610712533107a264e2d5b2154b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:27:47.0280 5444 mrxsmb20 - ok
06:27:47.0323 5444 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys
06:27:47.0338 5444 msahci - ok
06:27:47.0358 5444 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
06:27:47.0375 5444 msdsm - ok
06:27:47.0412 5444 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
06:27:47.0481 5444 MSDTC - ok
06:27:47.0509 5444 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
06:27:47.0576 5444 Msfs - ok
06:27:47.0595 5444 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
06:27:47.0610 5444 msisadrv - ok
06:27:47.0647 5444 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
06:27:47.0714 5444 MSiSCSI - ok
06:27:47.0721 5444 msiserver - ok
06:27:47.0740 5444 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
06:27:47.0813 5444 MSKSSRV - ok
06:27:47.0829 5444 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
06:27:47.0894 5444 MSPCLOCK - ok
06:27:47.0916 5444 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
06:27:47.0970 5444 MSPQM - ok
06:27:48.0020 5444 MsRPC (b8e32e6103fbba9fbb1d0c11ff0d13b5) C:\Windows\system32\drivers\MsRPC.sys
06:27:48.0041 5444 MsRPC - ok
06:27:48.0058 5444 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
06:27:48.0073 5444 mssmbios - ok
06:27:48.0166 5444 MSSQL$MSSMLBIZ - ok
06:27:48.0200 5444 MSSQL$XACTWARE - ok
06:27:48.0244 5444 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
06:27:48.0256 5444 MSSQLServerADHelper - ok
06:27:48.0355 5444 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
06:27:48.0368 5444 MSSQLServerADHelper100 - ok
06:27:48.0394 5444 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
06:27:48.0465 5444 MSTEE - ok
06:27:48.0508 5444 Mup (ddf133501f68d6988a0f55dfa88637b4) C:\Windows\system32\Drivers\mup.sys
06:27:48.0523 5444 Mup - ok
06:27:48.0577 5444 napagent (c25022cdd18980846973b598900915f8) C:\Windows\system32\qagentRT.dll
06:27:48.0705 5444 napagent - ok
06:27:48.0745 5444 NativeWifiP (73b99c98fa3a2ed1566e02d6fe1913a5) C:\Windows\system32\DRIVERS\nwifi.sys
06:27:48.0765 5444 NativeWifiP - ok
06:27:48.0840 5444 NDIS (f9a3ae5c9f047d71a36a99f9abca7d02) C:\Windows\system32\drivers\ndis.sys
06:27:48.0876 5444 NDIS - ok
06:27:48.0913 5444 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
06:27:48.0963 5444 NdisTapi - ok
06:27:48.0991 5444 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
06:27:49.0058 5444 Ndisuio - ok
06:27:49.0087 5444 NdisWan (52e3e8e35101399be9b2938c992aa087) C:\Windows\system32\DRIVERS\ndiswan.sys
06:27:49.0159 5444 NdisWan - ok
06:27:49.0168 5444 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
06:27:49.0224 5444 NDProxy - ok
06:27:49.0254 5444 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
06:27:49.0261 5444 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
06:27:49.0261 5444 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
06:27:49.0283 5444 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
06:27:49.0338 5444 NetBIOS - ok
06:27:49.0370 5444 netbt (7a29ca243a629230799754162d80120f) C:\Windows\system32\DRIVERS\netbt.sys
06:27:49.0451 5444 netbt - ok
06:27:49.0471 5444 Netlogon (80f4593e92ff960e4763380d3168e498) C:\Windows\system32\lsass.exe
06:27:49.0490 5444 Netlogon - ok
06:27:49.0536 5444 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
06:27:49.0618 5444 Netman - ok
06:27:49.0660 5444 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
06:27:49.0738 5444 netprofm - ok
06:27:49.0842 5444 NetTcpPortSharing (b84613b469b98e09f50a748c1d02e132) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
06:27:49.0856 5444 NetTcpPortSharing - ok
06:27:50.0167 5444 NETw5v64 (f17eda58c8c5b1a4f873b322729168ff) C:\Windows\system32\DRIVERS\NETw5v64.sys
06:27:50.0341 5444 NETw5v64 - ok
06:27:50.0499 5444 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
06:27:50.0514 5444 nfrd960 - ok
06:27:50.0550 5444 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
06:27:50.0631 5444 NlaSvc - ok
06:27:50.0708 5444 nosGetPlusHelper (1acf98d80e95add298832c7a8996b48c) C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll
06:27:50.0720 5444 nosGetPlusHelper - ok
06:27:50.0739 5444 Npfs (b06154e2a2c91e9be5599fca53bc4cd0) C:\Windows\system32\drivers\Npfs.sys
06:27:50.0808 5444 Npfs - ok
06:27:50.0834 5444 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
06:27:50.0905 5444 nsi - ok
06:27:50.0940 5444 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
06:27:50.0987 5444 nsiproxy - ok
06:27:51.0097 5444 Ntfs (fe86ba5ac3b50e2ca911e9c60c07b638) C:\Windows\system32\drivers\Ntfs.sys
06:27:51.0155 5444 Ntfs - ok
06:27:51.0311 5444 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
06:27:51.0387 5444 Null - ok
06:27:51.0413 5444 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
06:27:51.0431 5444 nvraid - ok
06:27:51.0466 5444 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
06:27:51.0481 5444 nvstor - ok
06:27:51.0504 5444 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
06:27:51.0520 5444 nv_agp - ok
06:27:51.0526 5444 NwlnkFlt - ok
06:27:51.0533 5444 NwlnkFwd - ok
06:27:51.0575 5444 OA009Ufd (404b0121ae1a75d9a63b6934eb07c258) C:\Windows\system32\DRIVERS\OA009Ufd.sys
06:27:51.0610 5444 OA009Ufd - ok
06:27:51.0653 5444 OA009Vid (d460884eb05b90d06b35a1dbc31928df) C:\Windows\system32\DRIVERS\OA009Vid.sys
06:27:51.0692 5444 OA009Vid - ok
06:27:51.0735 5444 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
06:27:51.0836 5444 ohci1394 - ok
06:27:51.0928 5444 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:27:51.0942 5444 ose - ok
06:27:52.0334 5444 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
06:27:52.0499 5444 osppsvc - ok
06:27:52.0684 5444 p2pimsvc (430f35c5592d253f43a26b4f5a523dbf) C:\Windows\system32\p2psvc.dll
06:27:52.0763 5444 p2pimsvc - ok
06:27:52.0776 5444 p2psvc (430f35c5592d253f43a26b4f5a523dbf) C:\Windows\system32\p2psvc.dll
06:27:52.0815 5444 p2psvc - ok
06:27:52.0876 5444 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
06:27:52.0979 5444 Parport - ok
06:27:53.0008 5444 partmgr (5ab40c36894f4c06bdab0c9a2fba282d) C:\Windows\system32\drivers\partmgr.sys
06:27:53.0023 5444 partmgr - ok
06:27:53.0058 5444 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
06:27:53.0099 5444 PcaSvc - ok
06:27:53.0128 5444 PCD5SRVC{048DBD20-445E8C82-05040104} - ok
06:27:53.0163 5444 pci (2a5b2a51559066ea84742909b5b2cd69) C:\Windows\system32\drivers\pci.sys
06:27:53.0182 5444 pci - ok
06:27:53.0200 5444 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
06:27:53.0213 5444 pciide - ok
06:27:53.0245 5444 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
06:27:53.0263 5444 pcmcia - ok
06:27:53.0327 5444 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
06:27:53.0484 5444 PEAUTH - ok
06:27:53.0567 5444 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
06:27:53.0638 5444 PerfHost - ok
06:27:53.0773 5444 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
06:27:53.0867 5444 pla - ok
06:27:53.0917 5444 PlugPlay (5aaa0c5534b05ed49919fcd9dbd11a5b) C:\Windows\system32\umpnpmgr.dll
06:27:53.0995 5444 PlugPlay - ok
06:27:54.0034 5444 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
06:27:54.0057 5444 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
06:27:54.0057 5444 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
06:27:54.0146 5444 PNRPAutoReg (430f35c5592d253f43a26b4f5a523dbf) C:\Windows\system32\p2psvc.dll
06:27:54.0181 5444 PNRPAutoReg - ok
06:27:54.0195 5444 PNRPsvc (430f35c5592d253f43a26b4f5a523dbf) C:\Windows\system32\p2psvc.dll
06:27:54.0230 5444 PNRPsvc - ok
06:27:54.0306 5444 PolicyAgent (eef3688d5e9592cbbbed00de71dda1ef) C:\Windows\System32\ipsecsvc.dll
06:27:54.0361 5444 PolicyAgent - ok
06:27:54.0427 5444 PptpMiniport (f5739f2c6db2534c384ad5150808e8f5) C:\Windows\system32\DRIVERS\raspptp.sys
06:27:54.0495 5444 PptpMiniport - ok
06:27:54.0508 5444 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
06:27:54.0576 5444 Processor - ok
06:27:54.0611 5444 ProfSvc (b21fe10dad3ab59e78df7aa3fbf41e70) C:\Windows\system32\profsvc.dll
06:27:54.0684 5444 ProfSvc - ok
06:27:54.0724 5444 ProtectedStorage (80f4593e92ff960e4763380d3168e498) C:\Windows\system32\lsass.exe
06:27:54.0736 5444 ProtectedStorage - ok
06:27:54.0794 5444 PSched (0e0e205a296095fe4c631e6a4775ad6c) C:\Windows\system32\DRIVERS\pacer.sys
06:27:54.0831 5444 PSched - ok
06:27:54.0868 5444 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
06:27:54.0881 5444 PxHlpa64 - ok
06:27:54.0989 5444 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
06:27:55.0038 5444 ql2300 - ok
06:27:55.0063 5444 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
06:27:55.0079 5444 ql40xx - ok
06:27:55.0127 5444 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
06:27:55.0170 5444 QWAVE - ok
06:27:55.0195 5444 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
06:27:55.0216 5444 QWAVEdrv - ok
06:27:55.0385 5444 R300 (2a09a6b271d1f50adf5e33b37d460de6) C:\Windows\system32\DRIVERS\atikmdag.sys
06:27:55.0595 5444 R300 - ok
06:27:55.0733 5444 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
06:27:55.0805 5444 RasAcd - ok
06:27:55.0848 5444 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
06:27:55.0904 5444 RasAuto - ok
06:27:55.0928 5444 Rasl2tp (3b9085f91ef00abd15a6f36570e90e12) C:\Windows\system32\DRIVERS\rasl2tp.sys
06:27:55.0980 5444 Rasl2tp - ok
06:27:56.0007 5444 RasMan (d0c346d7df0df9b4899631796f177d56) C:\Windows\System32\rasmans.dll
06:27:56.0050 5444 RasMan - ok
06:27:56.0068 5444 RasPppoe (2ce1703c27196094fb6e4c6e439f2c21) C:\Windows\system32\DRIVERS\raspppoe.sys
06:27:56.0122 5444 RasPppoe - ok
06:27:56.0131 5444 RasSstp (fcd04fa67e8b40fa0ad361dd38593942) C:\Windows\system32\DRIVERS\rassstp.sys
06:27:56.0212 5444 RasSstp - ok
06:27:56.0255 5444 rdbss (33fa5b6136d92ee0f53f021c79091300) C:\Windows\system32\DRIVERS\rdbss.sys
06:27:56.0334 5444 rdbss - ok
06:27:56.0355 5444 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
06:27:56.0409 5444 RDPCDD - ok
06:27:56.0449 5444 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
06:27:56.0509 5444 rdpdr - ok
06:27:56.0515 5444 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
06:27:56.0570 5444 RDPENCDD - ok
06:27:56.0602 5444 RDPWD (7747082f672aa2846235c9cea42e2e72) C:\Windows\system32\drivers\RDPWD.sys
06:27:56.0678 5444 RDPWD - ok
06:27:56.0714 5444 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
06:27:56.0776 5444 RemoteAccess - ok
06:27:56.0824 5444 RemoteRegistry (416c611369cbe49074b89cee2f83abef) C:\Windows\system32\regsvc.dll
06:27:56.0894 5444 RemoteRegistry - ok
06:27:56.0919 5444 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
06:27:56.0960 5444 RpcLocator - ok
06:27:57.0029 5444 RpcSs (52cdade8289ff21f1f2215ff51a5f36c) C:\Windows\system32\rpcss.dll
06:27:57.0065 5444 RpcSs - ok
06:27:57.0103 5444 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
06:27:57.0158 5444 rspndr - ok
06:27:57.0200 5444 RTSTOR (39e74e264338934dbf11f8db79a3e116) C:\Windows\system32\drivers\RTSTOR64.SYS
06:27:57.0233 5444 RTSTOR - ok
06:27:57.0268 5444 SamSs (80f4593e92ff960e4763380d3168e498) C:\Windows\system32\lsass.exe
06:27:57.0287 5444 SamSs - ok
06:27:57.0310 5444 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
06:27:57.0325 5444 sbp2port - ok
06:27:57.0364 5444 SCardSvr (f024d560fea06f8b56d673849eb89ae6) C:\Windows\System32\SCardSvr.dll
06:27:57.0421 5444 SCardSvr - ok
06:27:57.0507 5444 Schedule (ce75d26e0a1106129f4d156851e298ed) C:\Windows\system32\schedsvc.dll
06:27:57.0614 5444 Schedule - ok
06:27:57.0653 5444 SCPolicySvc (edfffc8b6afb609bf33dbe0a900426b6) C:\Windows\System32\certprop.dll
06:27:57.0709 5444 SCPolicySvc - ok
06:27:57.0744 5444 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
06:27:57.0814 5444 SDRSVC - ok
06:27:57.0842 5444 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
06:27:57.0925 5444 secdrv - ok
06:27:57.0935 5444 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
06:27:58.0005 5444 seclogon - ok
06:27:58.0028 5444 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
06:27:58.0106 5444 SENS - ok
06:27:58.0131 5444 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
06:27:58.0234 5444 Serenum - ok
06:27:58.0260 5444 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
06:27:58.0360 5444 Serial - ok
06:27:58.0393 5444 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
06:27:58.0448 5444 sermouse - ok
06:27:58.0496 5444 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
06:27:58.0574 5444 SessionEnv - ok
06:27:58.0596 5444 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
06:27:58.0666 5444 sffdisk - ok
06:27:58.0697 5444 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
06:27:58.0772 5444 sffp_mmc - ok
06:27:58.0791 5444 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
06:27:58.0845 5444 sffp_sd - ok
06:27:58.0858 5444 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
06:27:58.0957 5444 sfloppy - ok
06:27:59.0008 5444 ShellHWDetection (9235ec680d3db17464b39c7c7decb4dd) C:\Windows\System32\shsvcs.dll
06:27:59.0060 5444 ShellHWDetection - ok
06:27:59.0080 5444 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
06:27:59.0095 5444 SiSRaid2 - ok
06:27:59.0124 5444 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
06:27:59.0140 5444 SiSRaid4 - ok
06:27:59.0299 5444 slsvc (a301d2cefb4747dfe0c24425dcbe0b78) C:\Windows\system32\SLsvc.exe
06:27:59.0402 5444 slsvc - ok
06:27:59.0509 5444 SLUINotify (f5ddf7c0af85eb72cb295171f8c3cb35) C:\Windows\system32\SLUINotify.dll
06:27:59.0578 5444 SLUINotify - ok
06:27:59.0649 5444 Smb (41eb2e8e005feedcafce301983eff932) C:\Windows\system32\DRIVERS\smb.sys
06:27:59.0737 5444 Smb - ok
06:27:59.0759 5444 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
06:27:59.0790 5444 SNMPTRAP - ok
06:27:59.0816 5444 spldr (f9cb0672162f7f04248e2b82c1ff4617) C:\Windows\system32\drivers\spldr.sys
06:27:59.0830 5444 spldr - ok
06:27:59.0879 5444 Spooler (92e6738d25c2123be9515c0eac0776cd) C:\Windows\System32\spoolsv.exe
06:27:59.0937 5444 Spooler - ok
06:28:00.0075 5444 SQLAgent$MSSMLBIZ (a687b5b326afcfcf182c4931d1ff9771) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE
06:28:00.0098 5444 SQLAgent$MSSMLBIZ - ok
06:28:00.0161 5444 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
06:28:00.0179 5444 SQLBrowser - ok
06:28:00.0251 5444 SQLWriter (6d65985945b03ca59b67d0b73702fc7b) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
06:28:00.0266 5444 SQLWriter - ok
06:28:00.0348 5444 srv (a8abd7d0d907b45cf3831f4dd8644349) C:\Windows\system32\DRIVERS\srv.sys
06:28:00.0428 5444 srv - ok
06:28:00.0501 5444 srv2 (6c72eea39e1c37b436a6d1532999f9ec) C:\Windows\system32\DRIVERS\srv2.sys
06:28:00.0523 5444 srv2 - ok
06:28:00.0547 5444 srvnet (7f69bcf9e6fa3d93c82ee6b87812666d) C:\Windows\system32\DRIVERS\srvnet.sys
06:28:00.0569 5444 srvnet - ok
06:28:00.0609 5444 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
06:28:00.0669 5444 SSDPSRV - ok
06:28:00.0687 5444 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
06:28:00.0745 5444 SstpSvc - ok
06:28:00.0860 5444 STacSV (c5df63ae2693c9b6b01b4a2e6c1c64ac) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
06:28:00.0906 5444 STacSV - ok
06:28:00.0974 5444 STHDA (ba16447226abfd342e130d2f24f73d32) C:\Windows\system32\DRIVERS\stwrt64.sys
06:28:01.0001 5444 STHDA - ok
06:28:01.0031 5444 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
06:28:01.0091 5444 StillCam - ok
06:28:01.0162 5444 stisvc (f14f7d7d68a66777fb999d5d0f21138d) C:\Windows\System32\wiaservc.dll
06:28:01.0211 5444 stisvc - ok
06:28:01.0329 5444 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
06:28:01.0341 5444 stllssvr - ok
06:28:01.0379 5444 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
06:28:01.0393 5444 swenum - ok
06:28:01.0461 5444 swprv (da34d6eb4a3154c0bebaeb0a2483ef3e) C:\Windows\System32\swprv.dll
06:28:01.0561 5444 swprv - ok
06:28:01.0613 5444 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
06:28:01.0627 5444 Symc8xx - ok
06:28:01.0646 5444 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
06:28:01.0660 5444 Sym_hi - ok
06:28:01.0675 5444 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
06:28:01.0690 5444 Sym_u3 - ok
06:28:01.0781 5444 SysMain (bea0d5521ed21df8f6ffeed86daede7b) C:\Windows\system32\sysmain.dll
06:28:01.0871 5444 SysMain - ok
06:28:01.0911 5444 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
06:28:01.0984 5444 TabletInputService - ok
06:28:02.0027 5444 TapiSrv (52091001caf20ae84cf47023ee21b4bb) C:\Windows\System32\tapisrv.dll
06:28:02.0105 5444 TapiSrv - ok
06:28:02.0135 5444 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
06:28:02.0198 5444 TBS - ok
06:28:02.0323 5444 Tcpip (7d86275fb640011b372fd566c0eafa8d) C:\Windows\system32\drivers\tcpip.sys
06:28:02.0381 5444 Tcpip - ok
06:28:02.0405 5444 Tcpip6 (7d86275fb640011b372fd566c0eafa8d) C:\Windows\system32\DRIVERS\tcpip.sys
06:28:02.0463 5444 Tcpip6 - ok
06:28:02.0499 5444 tcpipreg (c29d4b3b08ad0b7e8564814e4ff6a57b) C:\Windows\system32\drivers\tcpipreg.sys
06:28:02.0556 5444 tcpipreg - ok
06:28:02.0574 5444 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
06:28:02.0631 5444 TDPIPE - ok
06:28:02.0643 5444 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
06:28:02.0707 5444 TDTCP - ok
06:28:02.0733 5444 tdx (8c39c72e0e853de04748c0337d9b9216) C:\Windows\system32\DRIVERS\tdx.sys
06:28:02.0816 5444 tdx - ok
06:28:02.0848 5444 TermDD (3f0ebf6ee609f2a276c0d5faf244ec90) C:\Windows\system32\DRIVERS\termdd.sys
06:28:02.0864 5444 TermDD - ok
06:28:02.0924 5444 TermService (f870a5589d6a94b426efb13689023946) C:\Windows\System32\termsrv.dll
06:28:03.0010 5444 TermService - ok
06:28:03.0063 5444 Themes (9235ec680d3db17464b39c7c7decb4dd) C:\Windows\system32\shsvcs.dll
06:28:03.0090 5444 Themes - ok
06:28:03.0123 5444 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
06:28:03.0179 5444 THREADORDER - ok
06:28:03.0216 5444 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
06:28:03.0290 5444 TrkWks - ok
06:28:03.0336 5444 TrustedInstaller (ac6ff1df22ed90bad6417ee5a4c6e2f0) C:\Windows\servicing\TrustedInstaller.exe
06:28:03.0414 5444 TrustedInstaller - ok
06:28:03.0445 5444 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
06:28:03.0501 5444 tssecsrv - ok
06:28:03.0532 5444 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
06:28:03.0597 5444 tunmp - ok
06:28:03.0628 5444 tunnel (2dc2c423572946e9a3131425bda73cb6) C:\Windows\system32\DRIVERS\tunnel.sys
06:28:03.0666 5444 tunnel - ok
06:28:03.0685 5444 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
06:28:03.0705 5444 uagp35 - ok
06:28:03.0749 5444 udfs (eca6629e33f122afff18a2ab7c3eb033) C:\Windows\system32\DRIVERS\udfs.sys
06:28:03.0834 5444 udfs - ok
06:28:03.0891 5444 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
06:28:03.0948 5444 UI0Detect - ok
06:28:03.0989 5444 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
06:28:04.0005 5444 uliagpkx - ok
06:28:04.0039 5444 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
06:28:04.0060 5444 uliahci - ok
06:28:04.0080 5444 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
06:28:04.0096 5444 UlSata - ok
06:28:04.0139 5444 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
06:28:04.0156 5444 ulsata2 - ok
06:28:04.0175 5444 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
06:28:04.0247 5444 umbus - ok
06:28:04.0296 5444 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
06:28:04.0376 5444 upnphost - ok
06:28:04.0419 5444 usbaudio (471474efa0640b426e9f8aa5a5fc2673) C:\Windows\system32\drivers\usbaudio.sys
06:28:04.0452 5444 usbaudio - ok
06:28:04.0482 5444 usbccgp (ae3dea342f01249317b2bb3df0424238) C:\Windows\system32\DRIVERS\usbccgp.sys
06:28:04.0525 5444 usbccgp - ok
06:28:04.0569 5444 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
06:28:04.0674 5444 usbcir - ok
06:28:04.0702 5444 usbehci (b89f9fe9fc1e7c9cb03acb8819eb511d) C:\Windows\system32\DRIVERS\usbehci.sys
06:28:04.0737 5444 usbehci - ok
06:28:04.0796 5444 usbhub (f2c1d8eff9c7cf84ff0235408acd3f4b) C:\Windows\system32\DRIVERS\usbhub.sys
06:28:04.0836 5444 usbhub - ok
06:28:04.0857 5444 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
06:28:04.0957 5444 usbohci - ok
06:28:04.0997 5444 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
06:28:05.0030 5444 usbprint - ok
06:28:05.0074 5444 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
06:28:05.0129 5444 usbscan - ok
06:28:05.0167 5444 USBSTOR (586d9876a4945779c8eea926c0d16889) C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:28:05.0222 5444 USBSTOR - ok
06:28:05.0258 5444 usbuhci (225e107785315874ba5c1abc7dda7bfc) C:\Windows\system32\DRIVERS\usbuhci.sys
06:28:05.0287 5444 usbuhci - ok
06:28:05.0325 5444 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
06:28:05.0393 5444 usbvideo - ok
06:28:05.0424 5444 usb_rndisx (567d09d1c41809550ece9ed22d6d612b) C:\Windows\system32\DRIVERS\usb8023x.sys
06:28:05.0502 5444 usb_rndisx - ok
06:28:05.0540 5444 UxSms (9190f03c82547afa87367f1ceca88f3b) C:\Windows\System32\uxsms.dll
06:28:05.0618 5444 UxSms - ok
06:28:05.0675 5444 vds (c15a4a550cba7b9f1f68b72528e04ce1) C:\Windows\System32\vds.exe
06:28:05.0763 5444 vds - ok
06:28:05.0803 5444 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
06:28:05.0858 5444 vga - ok
06:28:05.0885 5444 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
06:28:05.0955 5444 VgaSave - ok
06:28:05.0983 5444 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
06:28:05.0996 5444 viaide - ok
06:28:06.0005 5444 volmgr (793d9b32a1c462c91f6f70358283ac97) C:\Windows\system32\drivers\volmgr.sys
06:28:06.0022 5444 volmgr - ok
06:28:06.0075 5444 volmgrx (5aa217da5dc4ff5b9ac9ab86563b3223) C:\Windows\system32\drivers\volmgrx.sys
06:28:06.0101 5444 volmgrx - ok
06:28:06.0132 5444 volsnap (de4307412d98050239026e56a7dff3c0) C:\Windows\system32\drivers\volsnap.sys
06:28:06.0155 5444 volsnap - ok
06:28:06.0197 5444 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
06:28:06.0214 5444 vsmraid - ok
06:28:06.0329 5444 VSS (186bd53f8a408ad20f5a056c05678629) C:\Windows\system32\vssvc.exe
06:28:06.0452 5444 VSS - ok
06:28:06.0515 5444 W32Time (ba29f34a61cb55c0dee29e787542edf4) C:\Windows\system32\w32time.dll
06:28:06.0581 5444 W32Time - ok
06:28:06.0651 5444 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
06:28:06.0737 5444 WacomPen - ok
06:28:06.0769 5444 Wanarp (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
06:28:06.0845 5444 Wanarp - ok
06:28:06.0850 5444 Wanarpv6 (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
06:28:06.0905 5444 Wanarpv6 - ok
06:28:06.0967 5444 wcncsvc (055449247c490e24b968b44fe8a969eb) C:\Windows\System32\wcncsvc.dll
06:28:07.0024 5444 wcncsvc - ok
06:28:07.0065 5444 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
06:28:07.0106 5444 WcsPlugInService - ok
06:28:07.0142 5444 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
06:28:07.0157 5444 Wd - ok
06:28:07.0195 5444 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
06:28:07.0221 5444 WDC_SAM - ok
06:28:07.0301 5444 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
06:28:07.0341 5444 Wdf01000 - ok
06:28:07.0365 5444 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
06:28:07.0421 5444 WdiServiceHost - ok
06:28:07.0426 5444 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
06:28:07.0484 5444 WdiSystemHost - ok
06:28:07.0528 5444 WebClient (3d4ab55f8178fd0cd3ca45cd0ec9cf5b) C:\Windows\System32\webclnt.dll
06:28:07.0576 5444 WebClient - ok
06:28:07.0625 5444 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
06:28:07.0693 5444 Wecsvc - ok
06:28:07.0713 5444 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
06:28:07.0755 5444 wercplsupport - ok
06:28:07.0784 5444 WerSvc (fc25242b3bcaf7e84d9184082274ae08) C:\Windows\System32\WerSvc.dll
06:28:07.0848 5444 WerSvc - ok
06:28:07.0880 5444 WinDefend - ok
06:28:07.0896 5444 WinHttpAutoProxySvc - ok
06:28:07.0961 5444 Winmgmt (ac98f38feab066a8f983d54ff3f4fd4c) C:\Windows\system32\wbem\WMIsvc.dll
06:28:08.0032 5444 Winmgmt - ok
06:28:08.0184 5444 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
06:28:08.0248 5444 WinRM - ok
06:28:08.0434 5444 Wlansvc (0a69955261c1b54206adc9beb89517de) C:\Windows\System32\wlansvc.dll
06:28:08.0496 5444 Wlansvc - ok
06:28:08.0564 5444 WmiAcpi (7999dfb1c555efc0db69576f70027867) C:\Windows\system32\DRIVERS\wmiacpi.sys
06:28:08.0583 5444 WmiAcpi - ok
06:28:08.0650 5444 wmiApSrv (d303322dd577c3deda1251ed2e7a496c) C:\Windows\system32\wbem\WmiApSrv.exe
06:28:08.0727 5444 wmiApSrv - ok
06:28:08.0779 5444 WMPNetworkSvc - ok
06:28:08.0821 5444 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
06:28:08.0874 5444 WPCSvc - ok
06:28:08.0904 5444 WPDBusEnum (a27c8f92d84e2ddc151978e4692c978e) C:\Windows\system32\wpdbusenum.dll
06:28:08.0971 5444 WPDBusEnum - ok
06:28:09.0159 5444 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
06:28:09.0199 5444 WPFFontCache_v0400 - ok
06:28:09.0279 5444 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
06:28:09.0333 5444 ws2ifsl - ok
06:28:09.0374 5444 wscsvc (cb8ea6d95949384925ccfca21cc6dfd8) C:\Windows\system32\wscsvc.dll
06:28:09.0410 5444 wscsvc - ok
06:28:09.0415 5444 WSearch - ok
06:28:09.0608 5444 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
06:28:09.0692 5444 wuauserv - ok
06:28:09.0847 5444 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
06:28:09.0920 5444 WUDFRd - ok
06:28:09.0956 5444 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
06:28:10.0013 5444 wudfsvc - ok
06:28:10.0025 5444 yksvc - ok
06:28:10.0081 5444 yukonx64 (b681cadb266b151061e7baa82b0d77b7) C:\Windows\system32\DRIVERS\yk60x64.sys
06:28:10.0131 5444 yukonx64 - ok
06:28:10.0174 5444 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
06:28:10.0819 5444 \Device\Harddisk0\DR0 - ok
06:28:10.0854 5444 Boot (0x1200) (369490361fd77503299eb2caecb2e6ed) \Device\Harddisk0\DR0\Partition0
06:28:10.0857 5444 \Device\Harddisk0\DR0\Partition0 - ok
06:28:10.0869 5444 Boot (0x1200) (40bb0420a4aab2904e919c66049fee8e) \Device\Harddisk0\DR0\Partition1
06:28:10.0871 5444 \Device\Harddisk0\DR0\Partition1 - ok
06:28:10.0872 5444 ============================================================
06:28:10.0872 5444 Scan finished
06:28:10.0872 5444 ============================================================
06:28:10.0887 3012 Detected object count: 6
06:28:10.0887 3012 Actual detected object count: 6
06:28:52.0553 3012 Auth Service ( UnsignedFile.Multi.Generic ) - skipped by user
06:28:52.0553 3012 Auth Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:28:52.0559 3012 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
06:28:52.0559 3012 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:28:52.0562 3012 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:28:52.0562 3012 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:28:52.0563 3012 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
06:28:52.0563 3012 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:28:52.0566 3012 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
06:28:52.0566 3012 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:28:52.0569 3012 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
06:28:52.0569 3012 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 02/08/2012 7:31:30 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/08/2012 1:55:30 PM
Type: Error Category: 0
Event: 15016 Source: Microsoft-Windows-HttpEvent
Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Log: 'System' Date/Time: 02/08/2012 1:55:34 PM
Type: Error Category: 0
Event: 19 Source: Microsoft-Windows-PrintSpooler
The print spooler failed to share printer TurboMeeting Printer with shared resource name TurboMeeting Printer. Error 1753. The printer cannot be used by others on the network.
Log: 'System' Date/Time: 02/08/2012 1:57:09 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Intel® PRO/1000 PCI Express Network Connection Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Log: 'System' Date/Time: 02/08/2012 1:57:09 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Intel® PRO/1000 NDIS 6 Adapter Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Log: 'System' Date/Time: 02/08/2012 1:57:09 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The USB RNDIS Adapter service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Log: 'System' Date/Time: 02/08/2012 1:57:09 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
Log: 'System' Date/Time: 02/08/2012 1:57:09 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the path specified.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/08/2012 1:54:34 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.02.07
Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 7.0.6001.18000
Doug :: DOUGLT [administrator]
8/2/2012 6:44:11 AM
mbam-log-2012-08-02 (06-44-11).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 197234
Time elapsed: 3 minute(s), 39 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)