Google search redirect [Solved]



#1
mikebz5

Hi,

I am experiencing Google search redirect problems in Chrome. Clicking on a link from a search result redirects to a site that displays unusual search-result-like links. I cannot click back to the Google results (it stays on the same bogus page). I have to close Chrome and reopen it to start a new session.

I run Win XP Pro SP3.

Just to mention, I use MSE for antivirus, and about a month ago it found a tracur.e trojan. It was quarantined and I removed it.

This redirect seems to have been happening for the last 2 weeks. I have no idea if it's related.

Thank you in advance for your help!

Below is my OTL:

OTL logfile created on: 8/23/2012 1:09:17 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\MikeB\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 71.91% Memory free
5.09 Gb Paging File | 4.12 Gb Available in Paging File | 80.92% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.76 Gb Total Space | 150.64 Gb Free Space | 64.72% Space Free | Partition Type: NTFS
Drive D: | 7.72 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 28.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive Y: | 372.60 Gb Total Space | 306.26 Gb Free Space | 82.20% Space Free | Partition Type: NTFS

Computer Name: MIKE | User Name: MikeB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/23 13:08:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MikeB\Desktop\OTL.exe
PRC - [2012/08/17 17:28:57 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/08/14 12:29:16 | 000,136,616 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2012/08/14 12:28:07 | 000,374,184 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/06/27 16:01:36 | 000,595,216 | ---- | M] (Greatis Software) -- C:\Program Files\UnHackMe\hackmon.exe
PRC - [2012/06/05 17:40:36 | 000,133,992 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\IPROSetMonitor.exe
PRC - [2012/05/24 13:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\MikeB\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/10/21 12:09:44 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2011/03/31 16:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/04/06 19:24:52 | 000,435,496 | R--- | M] (Pervasive Software Inc.) -- C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
PRC - [2008/08/11 13:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/26 16:15:30 | 000,909,312 | ---- | M] (Realtek) -- C:\Program Files\Realtek\Diagnostics Utility\8169Diag.exe
PRC - [2007/05/25 11:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe
PRC - [2006/12/18 17:54:32 | 000,155,648 | ---- | M] (Sprint Spectrum, L.L.C) -- C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe
PRC - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/17 17:28:55 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\ppgooglenaclpluginchrome.dll
MOD - [2012/08/17 17:28:54 | 012,236,824 | ---- | M] () -- C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012/08/17 17:28:52 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012/08/17 17:27:23 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012/08/17 17:27:22 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012/08/17 17:27:21 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
MOD - [2012/06/13 03:15:52 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/06/13 03:15:36 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/06/13 03:09:34 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll
MOD - [2012/05/11 03:17:11 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/11 03:16:02 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/11 03:13:52 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/11 03:12:04 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/11 03:11:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011/03/31 16:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
MOD - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2010/02/09 13:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll
MOD - [2010/02/09 13:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2010/02/09 13:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll
MOD - [2010/02/09 13:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll
MOD - [2010/02/09 13:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/07/23 15:04:46 | 000,068,080 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\dlaapi_w.dll
MOD - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
MOD - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/08/14 12:29:16 | 000,136,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2012/08/14 12:28:07 | 000,374,184 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/06/05 17:40:36 | 000,133,992 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel®
SRV - [2012/04/13 10:12:34 | 000,334,152 | R--- | M] (Sage Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Sage\Peachtree\SmartPostingService2013.exe -- (Sage 50 SmartPosting 2013)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/10/21 12:09:44 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2011/03/31 16:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2009/04/06 19:24:52 | 000,435,496 | R--- | M] (Pervasive Software Inc.) [Auto | Running] -- C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe -- (psqlWGE)
SRV - [2008/08/16 08:43:38 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2007/05/25 11:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc)
SRV - [2006/12/18 17:54:32 | 000,155,648 | ---- | M] (Sprint Spectrum, L.L.C) [Auto | Running] -- C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe -- (OSCM Utility Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D7E342B2-BB3B-402B-B146-9BEF0012CD48}\MpKsl30b2060f.sys -- (MpKsl30b2060f)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\MikeB\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/08/23 11:24:25 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\Partizan.sys -- (Partizan)
DRV - [2012/08/14 12:28:11 | 000,083,392 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010/06/22 18:01:50 | 000,021,248 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2009/10/22 01:23:18 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/10/22 01:23:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/06/10 00:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 13:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/02/28 14:45:32 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2008/02/28 14:45:24 | 002,847,744 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/02/02 13:52:54 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/01/31 14:20:36 | 004,637,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007/12/03 11:13:48 | 000,011,264 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\diag69xp.sys -- (Diag69xp)
DRV - [2007/11/20 01:14:08 | 000,016,640 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS -- (RTLVLAN)
DRV - [2007/10/12 16:04:38 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2007/10/12 16:04:38 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2007/10/12 16:04:38 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2007/09/06 15:30:24 | 000,194,048 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2007/07/23 15:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 15:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 15:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 15:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 15:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 15:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 15:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 15:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 14:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 14:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/12/18 19:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet)
DRV - [2006/12/18 17:45:18 | 000,018,560 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2004/11/22 17:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/11/22 17:36:34 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2004/08/04 05:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 05:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003/12/25 19:53:10 | 000,067,456 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GA311ND5.SYS -- (RTL8023)
DRV - [2003/07/16 14:27:40 | 000,043,264 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=5080813
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=5080813
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {4B1A1936-4774-447C-B4C0-55A629B6C9F3}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{4B1A1936-4774-447C-B4C0-55A629B6C9F3}: "URL" = http://www.google.co...&rlz=1I7GGLF_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\DOCUME~1\MikeB\APPLIC~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\MikeB\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\MikeB\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\SearchPredict\PRFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/15 09:07:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Splashtop\Splashtop Remote\Server\plugin\FFExtensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/15 09:07:09 | 000,000,000 | ---D | M]

[2012/08/23 11:58:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MikeB\Application Data\Mozilla\Extensions
[2010/10/15 13:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MikeB\Application Data\Mozilla\Extensions\[email protected]
[2008/06/30 22:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2012/06/15 09:06:51 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\MikeB\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\MikeB\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Power Challenge Loader (Enabled) = C:\DOCUME~1\MikeB\APPLIC~1\POWERC~1\nppowerloader.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.8.1 (Enabled) = C:\Documents and Settings\MikeB\Local Settings\Application Data\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: RIM Handheld Application Loader (Disabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Full Screen Weather = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: Mail Checker Plus for Google Mail\u2122 = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe\1.2.3.6_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Google Maps = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.4_0\
CHR - Extension: Incredible StartPage - Productive Start Page for Chrome! = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.5.2_0\

O1 HOSTS File: ([2012/08/23 12:39:43 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AT&&T Toolbar) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - C:\Program Files\ATTToolbar\ATTToolbar.dll (AT&T)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AT&&T Toolbar) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - C:\Program Files\ATTToolbar\ATTToolbar.dll (AT&T)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (AT&&T Toolbar) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - C:\Program Files\ATTToolbar\ATTToolbar.dll (AT&T)
O3 - HKCU\..\Toolbar\WebBrowser: (AT&&T Toolbar) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - C:\Program Files\ATTToolbar\ATTToolbar.dll (AT&T)
O4 - HKLM..\Run: [8169Diag] C:\Program Files\Realtek\Diagnostics Utility\8169Diag.exe (Realtek)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PeachtreePrefetcher.exe] C:\Program Files\Sage\Peachtree\PeachtreePrefetcher.exe (Sage Software, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [Seagull Drivers] C:\WINDOWS\ssdal_nc.exe ()
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [UnHackMe Monitor] C:\Program Files\UnHackMe\hackmon.exe (Greatis Software)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O4 - Startup: C:\Documents and Settings\MikeB\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\MikeB\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\MikeB\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://pccheckup.del...oad/tgctlcm.cab (Reg Error: Key error.)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfr..._instmodule.exe (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341489521921 (MUWebControl Class)
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} http://chat.yahoo.com/cab/yuplapp.cab (Yahoo! Webcam Upload Wrapper)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {FB298ECE-4D17-414A-A5E8-FABC938796B2} http://www.kohlerplu...awingViewer.cab (ActiveWebParts Illustration Viewer)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 10.168.141.190
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F84D95D-E2C0-4628-8943-3356FD3F43D4}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7E595DC-13EA-460A-8869-05B60F6BF12C}: DhcpNameServer = 8.8.8.8 8.8.4.4 10.168.141.190
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/02/21 19:43:08 | 000,358,248 | R--- | M] (NETGEAR Inc.) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/05/29 03:27:40 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (Partizan)
O34 - HKLM BootExecute: (ootExecute settings...)
O34 - HKLM BootExecute: (on\E)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/23 13:08:58 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\MikeB\Desktop\OTL.exe
[2012/08/23 12:58:19 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\MikeB\Desktop\GooredFix.exe
[2012/08/23 12:30:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/08/23 12:30:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/08/23 12:30:50 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/08/23 12:30:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/08/23 12:28:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/23 12:28:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/08/23 11:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegRun
[2012/08/23 11:24:25 | 000,039,184 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\Partizan.exe
[2012/08/23 11:24:25 | 000,035,816 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys
[2012/08/23 11:24:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MikeB\My Documents\RegRun2
[2012/08/23 11:24:11 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\WINDOWS\System32\drivers\UnHackMeDrv.sys
[2012/08/23 11:24:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\UnHackMe
[2012/08/23 11:24:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\regruninfo
[2012/08/23 11:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2012/08/23 10:44:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\MikeB\Recent
[2012/08/23 10:41:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2012/08/23 10:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/08/23 10:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2012/08/23 10:23:48 | 000,203,120 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys
[2012/08/23 10:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012/08/23 10:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2012/08/23 10:23:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MikeB\Application Data\TestApp
[2012/08/23 07:21:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012/08/21 20:31:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Apps Sync
[2012/08/16 14:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MikeB\jmeeting
[2012/08/15 16:54:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/08/15 16:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/08/14 12:58:55 | 000,053,760 | ---- | C] (Tolunay Orkun) -- C:\Documents and Settings\MikeB\Desktop\DRTCP021.exe
[2012/08/14 09:46:45 | 000,000,000 | ---D | C] -- C:\Intel17.2
[2012/08/14 07:54:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2012/08/14 07:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/08/13 11:54:25 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012/08/13 11:50:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MikeB\Local Settings\Application Data\Sun
[2012/08/13 11:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/08/13 11:45:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MikeB\Application Data\Oracle
[2012/08/13 11:44:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/08/13 10:10:57 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
[2012/08/13 10:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2012/07/31 08:20:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MikeB\Start Menu\Programs\FOREXTraderPro
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/23 13:08:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MikeB\Desktop\OTL.exe
[2012/08/23 12:58:14 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\MikeB\Desktop\GooredFix.exe
[2012/08/23 12:48:20 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/08/23 12:42:26 | 000,000,433 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2012/08/23 12:42:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/23 12:39:43 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/08/23 12:39:37 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/23 12:38:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/23 12:29:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/23 11:38:02 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-593855856-1484460155-3387710267-1005UA.job
[2012/08/23 11:24:25 | 000,039,184 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\Partizan.exe
[2012/08/23 11:24:25 | 000,035,816 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys
[2012/08/23 11:24:13 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/08/23 11:24:13 | 000,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/08/23 11:24:13 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2012/08/23 11:24:11 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\MikeB\Desktop\UnHackMe.lnk
[2012/08/23 10:47:31 | 000,340,020 | ---- | M] () -- C:\Documents and Settings\MikeB\My Documents\cc_20120823_104708.reg
[2012/08/23 10:41:49 | 000,000,722 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/08/23 10:24:10 | 000,682,105 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2012/08/23 08:02:06 | 000,000,824 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/23 02:38:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-593855856-1484460155-3387710267-1005Core.job
[2012/08/22 18:00:08 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\Sage 50 Backup 1.job
[2012/08/22 07:07:10 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\MikeB\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2012/08/21 20:39:47 | 000,002,297 | ---- | M] () -- C:\Documents and Settings\MikeB\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/15 14:09:03 | 000,385,904 | ---- | M] () -- C:\Documents and Settings\MikeB\Desktop\ATT_SST.exe
[2012/08/15 13:32:46 | 000,009,374 | ---- | M] () -- C:\WINDOWS\System32\NEWSOFT
[2012/08/15 13:32:45 | 000,071,644 | ---- | M] () -- C:\Documents and Settings\MikeB\Desktop\Vulcan invoice 105142.PDF
[2012/08/14 13:45:22 | 000,224,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/14 13:44:20 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012/08/14 12:58:56 | 000,053,760 | ---- | M] (Tolunay Orkun) -- C:\Documents and Settings\MikeB\Desktop\DRTCP021.exe
[2012/08/14 12:28:11 | 000,083,392 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2012/08/14 12:28:09 | 000,030,624 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2012/08/14 12:28:08 | 000,087,456 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2012/08/13 12:27:42 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\MikeB\pool.bin
[2012/08/08 11:08:53 | 000,002,559 | ---- | M] () -- C:\Documents and Settings\MikeB\Desktop\Revolution III.lnk
[2012/07/31 08:20:05 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\MikeB\Desktop\FOREXTraderPro.appref-ms
[2012/07/26 08:37:15 | 000,031,958 | ---- | M] () -- C:\Documents and Settings\MikeB\Desktop\JERNBERG BIANNUAL QUOTE.PDF
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/23 12:30:50 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/08/23 12:30:50 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/08/23 12:30:50 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/08/23 12:30:50 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/08/23 12:30:50 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/08/23 11:24:13 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2012/08/23 11:24:11 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\MikeB\Desktop\UnHackMe.lnk
[2012/08/23 10:47:12 | 000,340,020 | ---- | C] () -- C:\Documents and Settings\MikeB\My Documents\cc_20120823_104708.reg
[2012/08/23 10:41:49 | 000,000,722 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/08/23 10:28:27 | 000,001,549 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\More solutions from PC Tools.lnk
[2012/08/23 10:23:54 | 000,682,105 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2012/08/23 08:02:06 | 000,000,824 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/15 14:09:00 | 000,385,904 | ---- | C] () -- C:\Documents and Settings\MikeB\Desktop\ATT_SST.exe
[2012/08/15 13:32:45 | 000,071,644 | ---- | C] () -- C:\Documents and Settings\MikeB\Desktop\Vulcan invoice 105142.PDF
[2012/08/14 07:55:09 | 000,001,904 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
[2012/08/13 12:24:45 | 000,001,059 | ---- | C] () -- C:\Documents and Settings\MikeB\Start Menu\Programs\Startup\Dropbox.lnk
[2012/08/13 10:11:37 | 000,001,850 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Cisco Connect.lnk
[2012/07/31 08:20:23 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\MikeB\Desktop\FOREXTraderPro.appref-ms
[2012/07/27 10:46:43 | 000,002,878 | ---- | C] () -- C:\WINDOWS\System32\e1000325.din
[2012/07/26 08:37:15 | 000,031,958 | ---- | C] () -- C:\Documents and Settings\MikeB\Desktop\JERNBERG BIANNUAL QUOTE.PDF
[2012/02/15 07:34:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/06/06 10:49:52 | 000,109,216 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2011/06/06 10:49:52 | 000,090,784 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2011/02/08 08:57:47 | 000,013,004 | ---- | C] () -- C:\Documents and Settings\MikeB\Application Data\Comma Separated Values (Windows).CAL
[2011/02/07 11:34:14 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/02/07 09:24:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\lvdbed.INI
[2011/02/07 08:59:40 | 000,000,493 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/07 08:14:59 | 000,001,500 | ---- | C] () -- C:\Documents and Settings\MikeB\.recently-used.xbel
[2009/11/24 08:42:34 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\MikeB\Cache.db
[2009/09/21 13:28:26 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\MikeB\Application Data\TheHunterSettings.cfg
[2009/07/09 06:08:30 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\MikeB\pool.bin
[2009/06/10 11:23:12 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\MikeB\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/26 10:01:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\MikeB\PERMISS.PTL
[2008/08/19 11:56:18 | 000,271,360 | ---- | C] () -- C:\Documents and Settings\MikeB\archive.pst
[2008/08/19 10:38:06 | 000,009,317 | ---- | C] () -- C:\Documents and Settings\MikeB\Application Data\Comma Separated Values (Windows).EML
[2008/08/19 10:28:22 | 000,038,463 | ---- | C] () -- C:\Documents and Settings\MikeB\Application Data\Comma Separated Values (Windows).ADR
[2008/08/16 07:23:15 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\MikeB\Local Settings\Application Data\fusioncache.dat

========== LOP Check ==========

[2008/09/11 14:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aatrix Software
[2011/08/08 06:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ASUS WebStorage
[2011/01/26 08:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTToolbar
[2012/08/13 10:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2008/08/16 08:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/10/20 11:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Convergence
[2012/08/23 07:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012/08/23 08:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/05/25 11:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2012/08/13 12:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009/12/21 08:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/09/10 12:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pervasive Software
[2012/08/23 13:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegRun
[2010/07/12 12:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rice Lake Weighing Systems
[2012/07/05 10:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sage
[2008/08/13 15:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
[2011/09/22 09:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2008/08/13 15:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2012/08/14 13:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/10/20 11:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XHEO INC
[2009/07/10 12:54:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/10/14 13:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{B7A015B7-4802-4678-8CEC-700380BA9AFD}
[2012/07/18 15:59:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\MikeB\Application Data\951B32AB
[2008/09/11 14:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Aatrix Software
[2009/07/01 11:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Amazon
[2010/08/20 08:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\AnvSoft
[2012/08/13 13:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\ASUS
[2011/08/08 06:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\ASUS WebStorage
[2010/04/10 06:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\ATTToolbar
[2011/07/30 09:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\CamfrogWEB
[2009/07/09 13:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Composer
[2011/10/20 11:41:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Convergence
[2012/08/23 12:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Dropbox
[2011/08/08 06:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\eCareme
[2010/12/07 08:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\gtk-2.0
[2010/08/20 07:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\HandBrake
[2009/10/29 09:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\NewSoft
[2012/08/13 11:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Oracle
[2011/08/08 07:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Outlook
[2011/03/03 16:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\PCDr
[2008/08/19 09:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Peachtree
[2009/07/08 11:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Plazmic
[2010/06/16 06:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\PowerChallenge
[2012/08/13 12:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Research In Motion
[2010/09/15 10:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Rice Lake Weighing Systems
[2009/03/03 08:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\RIM Palm&PPC Upgrade Wizard
[2012/07/05 12:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Sage
[2012/08/14 07:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\SystemRequirementsLab
[2012/08/23 10:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\TestApp
[2010/07/06 06:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Tific
[2010/10/15 13:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MikeB\Application Data\Vivox
[2012/08/22 18:00:08 | 000,000,432 | ---- | M] () -- C:\WINDOWS\Tasks\Sage 50 Backup 1.job

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 8/23/2012 1:09:17 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\MikeB\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 71.91% Memory free
5.09 Gb Paging File | 4.12 Gb Available in Paging File | 80.92% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.76 Gb Total Space | 150.64 Gb Free Space | 64.72% Space Free | Partition Type: NTFS
Drive D: | 7.72 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 28.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive Y: | 372.60 Gb Total Space | 306.26 Gb Free Space | 82.20% Space Free | Partition Type: NTFS

Computer Name: MIKE | User Name: MikeB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10421:UDP" = 10421:UDP:*:Enabled:SingleClick Discovery Protocol
"10426:UDP" = 10426:UDP:*:Enabled:SingleClick ICC
"6160:TCP" = 6160:TCP:*:Enabled:Seagull Driver Networking
"1583:TCP" = 1583:TCP:*:Enabled:Pervasive DBEngine
"3351:TCP" = 3351:TCP:*:Enabled:Pervasive DBEngine
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe" = C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- (Pervasive Software Inc.)
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe" = C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant -- (SingleClick Systems)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\MikeB\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\MikeB\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:LocalSubNet:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Java\jre7\bin\java.exe" = C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Oracle Corporation)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{0240BDFB-2995-4A3F-8C96-18D41282B716}" = Dell Network Assistant
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP2 Workgroup (32-bit)
"{0CBD0AD5-550D-4850-98F6-FE8A9DFF1201}" = Revolution III
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{10D18EE2-D900-42A5-B71C-FA26DCB44388}" = Revolution
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{13B8F8AB-9176-480C-9444-6B79681E1134}" = QLabel-IV 1.19
"{1768BEA4-3469-45FB-8EFB-6742E1C0E86F}" = Sage 50 Accounting 2013
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18B05B3E-DD9F-426D-BCFE-AD9ECFCEDD83}" = Color Network ScanGear Ver.2.40
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{20EE489A-4773-4BC0-8019-2C371C569917}" = Sidekick
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236C3863-4A50-4121-8B57-CBB85D58C5C3}" = Sprint Mobile Broadband (Novatel Wireless)
"{26502D04-57B1-4A2D-8D5D-9DE36FC99355}" = Mobile Broadband Generic Drivers
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2C2078EA-77C6-499C-89BC-4EC6F93ED009}" = BlackBerry Smartphone Simulators 4.5.0.127 (8330)
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31228E31-2BFF-11D2-8866-00805F0D9D40}" = QPST
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{32A3A4F4-B792-11D6-A78A-00B0D0160210}" = Java™ SE Development Kit 6 Update 21
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3544DED1-07DB-40C0-98F3-435A6DA195C7}" = Google SketchUp 8
"{4223E570-A8AF-4D4C-A9C9-544F9BDCCB46}" = Borland Database Engine
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51EF69CF-70D3-4142-993D-AA97F36484CC}" = Peachtree Accounting 2010
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6767DFEE-8909-453A-B553-C7693912B2EB}" = Canon MF Toolbox 4.9.1.1.mf07
"{6798DD4E-BD16-4735-87EB-D712637CCB8C}" = Sage Message Center
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{858C1B33-C3D5-4377-B77B-1E2F338C7F66}" = Intel® Network Connections 17.2.154.0
"{87841AF8-C785-42FF-A76E-CC0F0C2816CC}" = ATI Catalyst Control Center
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{88253B77-33C9-4A9D-9E4C-4579E39D9158}" = Diagnostics Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_BASICR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_BASICR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_BASICR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Basic 2007
"{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{93C4EC91-A6CC-4F13-A6E7-892015BF107A}" = LABELVIEW 8.50.03
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96334581-5554-3E5F-8BC9-924C3C3AC5BE}" = Google Talk Plugin
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D2795DC-59E3-4E75-B59D-D23A6A18CE9C}" = ASUS Android USB Drivers
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B93A5C71-1F05-47c6-A9CD-DB6183CC8B30}" = Canon MF4360-4390
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{BA1EF4A7-AB67-492B-9C7D-4AEE43F5A3C6}" = Peachtree Signature Ready Forms
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C8E95BF5-C07F-4D98-BB42-F58FC98BC03E}" = Google Apps
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.20
"{DBD40476-78A4-4738-86B4-A5FB8807946D}" = NETGEAR GA311 Gigabit Adapter
"{E89D78B8-28F7-412F-8B26-C684739CBBDC}" = Palm Desktop
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F92679BF-CA1F-4DD3-8269-A40A9AD873B1}" = Google Apps Sync™ for Microsoft Outlook® 3.2.353.947
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.7.20090805
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"AppInventor Extras" = AppInventor Extras
"ATI Display Driver" = ATI Display Driver
"ATT-HSI" = ATT-HSI
"ATTToolbar" = AT&T Toolbar
"BASICR" = Microsoft Office Basic 2007
"CCleaner" = CCleaner
"Cisco Connect" = Cisco Connect
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"ie8" = Windows Internet Explorer 8
"InstallShield_{1768BEA4-3469-45FB-8EFB-6742E1C0E86F}" = Sage 50 Accounting 2013
"InstallShield_{51EF69CF-70D3-4142-993D-AA97F36484CC}" = Peachtree Complete Accounting 2010
"InstallShield_{DBD40476-78A4-4738-86B4-A5FB8807946D}" = NETGEAR GA311 Smart Wizard Utility
"Integration Services" = Sage Software Integration Services
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Peachtree Complete Accounting" = Peachtree Complete Accounting 2010
"Pervasive Software PSQL v9.1 Workgroup_is1" = Pervasive Software PSQL v9.1 Client
"Pervasive System Analyzer_is1" = Pervasive System Analyzer v9.1
"RealPlayer 15.0" = RealPlayer
"SearchAssist" = SearchAssist
"Snapshot Viewer" = Snapshot Viewer
"ST6UNST #1" = AeroComm Development Kit Utility
"SystemRequirementsLab" = System Requirements Lab
"UnHackMe_is1" = UnHackMe 5.99 release
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VLC media player" = VLC media player 1.1.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"winusb0200" = Microsoft WinUsb 2.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1df0cdb088182ccc" = FOREXTraderPro
"Draw 4 App" = Draw 4 App
"Dropbox" = Dropbox
"f269fca5d8764803" = Sage Exchange
"Google Chrome" = Google Chrome
"Power Loader" = Power Challenge Game Plugin

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/14/2012 7:00:12 PM | Computer Name = MIKE | Source = Sage 50 Automatic Backup | ID = 0
Description = An unknown error has occured.

Error - 8/15/2012 7:00:01 PM | Computer Name = MIKE | Source = Sage 50 Automatic Backup | ID = 0
Description = An unknown error has occured.

Error - 8/16/2012 7:00:08 PM | Computer Name = MIKE | Source = Sage 50 Automatic Backup | ID = 0
Description = An unknown error has occured.

Error - 8/17/2012 7:00:02 PM | Computer Name = MIKE | Source = Sage 50 Automatic Backup | ID = 0
Description = An unknown error has occured.

Error - 8/18/2012 7:00:13 PM | Computer Name = MIKE | Source = Sage 50 Automatic Backup | ID = 0
Description = An unknown error has occured.

Error - 8/19/2012 7:00:07 PM | Computer Name = MIKE | Source = Sage 50 Automatic Backup | ID = 0
Description = An unknown error has occured.

Error - 8/20/2012 7:00:07 PM | Computer Name = MIKE | Source = Sage 50 Automatic Backup | ID = 0
Description = An unknown error has occured.

Error - 8/21/2012 7:00:07 PM | Computer Name = MIKE | Source = Sage 50 Automatic Backup | ID = 0
Description = An unknown error has occured.

Error - 8/22/2012 7:00:08 PM | Computer Name = MIKE | Source = Sage 50 Automatic Backup | ID = 0
Description = An unknown error has occured.

Error - 8/23/2012 1:04:27 PM | Computer Name = MIKE | Source = Microsoft Security Client | ID = 5000
Description =

[ OSession Events ]
Error - 9/17/2009 1:32:25 PM | Computer Name = MIKE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8/23/2012 11:54:10 AM | Computer Name = MIKE | Source = Service Control Manager | ID = 7000
Description = The SupportSoft Sprocket Service (dellsupportcenter) service failed
to start due to the following error: %%2

Error - 8/23/2012 12:37:01 PM | Computer Name = MIKE | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file '55795434.sys' on the volume 'HarddiskVolume2'. It has
stopped monitoring the volume.

Error - 8/23/2012 12:38:06 PM | Computer Name = MIKE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.

Error - 8/23/2012 12:38:06 PM | Computer Name = MIKE | Source = Service Control Manager | ID = 7000
Description = The SupportSoft Sprocket Service (dellsupportcenter) service failed
to start due to the following error: %%2

Error - 8/23/2012 12:39:40 PM | Computer Name = MIKE | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
iaStor

Error - 8/23/2012 12:42:05 PM | Computer Name = MIKE | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{F7E595DC-13EA-460A-8869-05B60F6BF12C}. The
backup browser is stopping.

Error - 8/23/2012 1:07:51 PM | Computer Name = MIKE | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 169.254.90.215,
since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 8/23/2012 1:40:43 PM | Computer Name = MIKE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.

Error - 8/23/2012 1:40:43 PM | Computer Name = MIKE | Source = Service Control Manager | ID = 7000
Description = The SupportSoft Sprocket Service (dellsupportcenter) service failed
to start due to the following error: %%2

Error - 8/23/2012 1:42:26 PM | Computer Name = MIKE | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 169.254.90.215,
since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.


< End of report >

Edited by mikebz5, 23 August 2012 - 01:49 PM.

#2
mikebz5

    Member

  • Topic Starter
  • Member
  • 10 posts
Have I slipped between the cracks?

#3
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi :welcome:

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

THEN

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application
  • Then click on Change parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports

  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#4
mikebz5

    Member

  • Topic Starter
  • Member
  • 10 posts
Thanks,

I don't know if this was supposed to fix the problem but I'm still being redirected.

TDSSKiller found suspicious, but no malicious, items.

Attached are the reports.


09:56:23.0468 1456 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:56:23.0812 1456 ============================================================
09:56:23.0812 1456 Current date / time: 2012/08/24 09:56:23.0812
09:56:23.0812 1456 SystemInfo:
09:56:23.0812 1456
09:56:23.0812 1456 OS Version: 5.1.2600 ServicePack: 3.0
09:56:23.0812 1456 Product type: Workstation
09:56:23.0812 1456 ComputerName: MIKE
09:56:23.0812 1456 UserName: MikeB
09:56:23.0812 1456 Windows directory: C:\WINDOWS
09:56:23.0812 1456 System windows directory: C:\WINDOWS
09:56:23.0812 1456 Processor architecture: Intel x86
09:56:23.0812 1456 Number of processors: 4
09:56:23.0812 1456 Page size: 0x1000
09:56:23.0812 1456 Boot type: Normal boot
09:56:23.0812 1456 ============================================================
09:56:24.0906 1456 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:56:24.0906 1456 ============================================================
09:56:24.0906 1456 \Device\Harddisk0\DR0:
09:56:24.0906 1456 MBR partitions:
09:56:24.0906 1456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F608, BlocksNum 0x1D185971
09:56:24.0906 1456 ============================================================
09:56:25.0046 1456 C: <-> \Device\Harddisk0\DR0\Partition1
09:56:25.0046 1456 ============================================================
09:56:25.0046 1456 Initialize success
09:56:25.0046 1456 ============================================================
09:56:28.0156 3120 ============================================================
09:56:28.0156 3120 Scan started
09:56:28.0156 3120 Mode: Manual;
09:56:28.0156 3120 ============================================================
09:56:29.0078 3120 ================ Scan system memory ========================
09:56:29.0078 3120 System memory - ok
09:56:29.0078 3120 ================ Scan services =============================
09:56:29.0250 3120 Abiosdsk - ok
09:56:29.0265 3120 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
09:56:29.0265 3120 abp480n5 - ok
09:56:29.0312 3120 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:56:29.0312 3120 ACPI - ok
09:56:29.0343 3120 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
09:56:29.0343 3120 ACPIEC - ok
09:56:29.0359 3120 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
09:56:29.0359 3120 adpu160m - ok
09:56:29.0375 3120 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:56:29.0390 3120 aec - ok
09:56:29.0421 3120 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:56:29.0421 3120 AFD - ok
09:56:29.0453 3120 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
09:56:29.0453 3120 agp440 - ok
09:56:29.0484 3120 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
09:56:29.0484 3120 agpCPQ - ok
09:56:29.0500 3120 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
09:56:29.0500 3120 Aha154x - ok
09:56:29.0515 3120 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
09:56:29.0515 3120 aic78u2 - ok
09:56:29.0515 3120 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
09:56:29.0515 3120 aic78xx - ok
09:56:29.0562 3120 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:56:29.0562 3120 Alerter - ok
09:56:29.0578 3120 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
09:56:29.0593 3120 ALG - ok
09:56:29.0609 3120 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
09:56:29.0609 3120 AliIde - ok
09:56:29.0703 3120 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
09:56:29.0703 3120 alim1541 - ok
09:56:29.0796 3120 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
09:56:29.0796 3120 amdagp - ok
09:56:29.0812 3120 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
09:56:29.0812 3120 amsint - ok
09:56:29.0953 3120 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:56:29.0953 3120 AppMgmt - ok
09:56:30.0015 3120 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
09:56:30.0015 3120 asc - ok
09:56:30.0078 3120 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
09:56:30.0078 3120 asc3350p - ok
09:56:30.0171 3120 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
09:56:30.0171 3120 asc3550 - ok
09:56:30.0328 3120 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:56:30.0328 3120 aspnet_state - ok
09:56:30.0359 3120 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:56:30.0359 3120 AsyncMac - ok
09:56:30.0390 3120 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:56:30.0390 3120 atapi - ok
09:56:30.0406 3120 Atdisk - ok
09:56:30.0484 3120 [ 09AD298196A9F2D8F89D58F88A1EA0D4 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
09:56:30.0484 3120 Ati HotKey Poller - ok
09:56:30.0546 3120 [ 75DF4CE950DE5CAA6E68A33B36513EF6 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
09:56:30.0578 3120 ati2mtag - ok
09:56:30.0593 3120 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:56:30.0593 3120 Atmarpc - ok
09:56:30.0640 3120 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:56:30.0640 3120 AudioSrv - ok
09:56:30.0640 3120 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:56:30.0640 3120 audstub - ok
09:56:30.0656 3120 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:56:30.0656 3120 Beep - ok
09:56:30.0687 3120 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
09:56:30.0687 3120 BITS - ok
09:56:30.0750 3120 [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:56:30.0750 3120 Bonjour Service - ok
09:56:30.0781 3120 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
09:56:30.0781 3120 Browser - ok
09:56:30.0781 3120 catchme - ok
09:56:30.0828 3120 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
09:56:30.0828 3120 cbidf - ok
09:56:30.0843 3120 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:56:30.0843 3120 cbidf2k - ok
09:56:30.0890 3120 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:56:30.0890 3120 CCDECODE - ok
09:56:30.0890 3120 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
09:56:30.0890 3120 cd20xrnt - ok
09:56:30.0906 3120 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:56:30.0906 3120 Cdaudio - ok
09:56:30.0937 3120 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:56:30.0937 3120 Cdfs - ok
09:56:30.0953 3120 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:56:30.0953 3120 Cdrom - ok
09:56:30.0953 3120 Changer - ok
09:56:31.0000 3120 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:56:31.0000 3120 CiSvc - ok
09:56:31.0031 3120 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:56:31.0031 3120 ClipSrv - ok
09:56:31.0046 3120 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:56:31.0046 3120 clr_optimization_v2.0.50727_32 - ok
09:56:31.0062 3120 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
09:56:31.0062 3120 CmdIde - ok
09:56:31.0062 3120 COMSysApp - ok
09:56:31.0093 3120 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
09:56:31.0093 3120 Cpqarray - ok
09:56:39.0671 3120 usbehci - ok
09:56:39.0703 3120 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:56:39.0703 3120 usbhub - ok
09:56:39.0750 3120 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:56:39.0750 3120 usbprint - ok
09:56:39.0781 3120 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:56:39.0781 3120 usbscan - ok
09:56:39.0812 3120 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:56:39.0812 3120 USBSTOR - ok
09:56:39.0859 3120 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:56:39.0859 3120 usbuhci - ok
09:56:39.0875 3120 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
09:56:39.0875 3120 usbvideo - ok
09:56:39.0906 3120 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:56:39.0906 3120 VgaSave - ok
09:56:39.0953 3120 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:56:39.0953 3120 viaagp - ok
09:56:39.0968 3120 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
09:56:39.0968 3120 ViaIde - ok
09:56:40.0000 3120 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:56:40.0000 3120 VolSnap - ok
09:56:40.0046 3120 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
09:56:40.0046 3120 VSS - ok
09:56:40.0062 3120 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
09:56:40.0062 3120 w32time - ok
09:56:40.0109 3120 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:56:40.0109 3120 Wanarp - ok
09:56:40.0156 3120 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
09:56:40.0156 3120 Wdf01000 - ok
09:56:40.0156 3120 WDICA - ok
09:56:40.0203 3120 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:56:40.0203 3120 wdmaud - ok
09:56:40.0234 3120 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:56:40.0234 3120 WebClient - ok
09:56:40.0328 3120 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:56:40.0328 3120 winmgmt - ok
09:56:40.0390 3120 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
09:56:40.0390 3120 WinUSB - ok
09:56:40.0421 3120 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:56:40.0421 3120 WmdmPmSN - ok
09:56:40.0453 3120 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
09:56:40.0468 3120 Wmi - ok
09:56:40.0484 3120 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:56:40.0484 3120 WmiApSrv - ok
09:56:40.0578 3120 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
09:56:40.0578 3120 WMPNetworkSvc - ok
09:56:40.0593 3120 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:56:40.0593 3120 WpdUsb - ok
09:56:40.0609 3120 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:56:40.0609 3120 WS2IFSL - ok
09:56:40.0656 3120 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:56:40.0656 3120 wscsvc - ok
09:56:40.0671 3120 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:56:40.0671 3120 WSTCODEC - ok
09:56:40.0718 3120 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:56:40.0718 3120 wuauserv - ok
09:56:40.0750 3120 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:56:40.0750 3120 WudfPf - ok
09:56:40.0781 3120 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:56:40.0781 3120 WUDFRd - ok
09:56:40.0812 3120 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
09:56:40.0812 3120 WudfSvc - ok
09:56:40.0859 3120 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:56:40.0859 3120 WZCSVC - ok
09:56:40.0890 3120 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:56:40.0890 3120 xmlprov - ok
09:56:40.0921 3120 ================ Scan global ===============================
09:56:40.0968 3120 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:56:41.0000 3120 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:56:41.0015 3120 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:56:41.0015 3120 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:56:41.0031 3120 [Global] - ok
09:56:41.0031 3120 ================ Scan MBR ==================================
09:56:41.0046 3120 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:56:41.0250 3120 \Device\Harddisk0\DR0 - ok
09:56:41.0250 3120 ================ Scan VBR ==================================
09:56:41.0250 3120 [ 8DA5ED66222F6D94601547602F8CEFA0 ] \Device\Harddisk0\DR0\Partition1
09:56:41.0250 3120 \Device\Harddisk0\DR0\Partition1 - ok
09:56:41.0265 3120 ============================================================
09:56:41.0265 3120 Scan finished
09:56:41.0265 3120 ============================================================
09:56:41.0312 3296 Detected object count: 0
09:56:41.0312 3296 Actual detected object count: 0
09:56:56.0328 2044 ============================================================
09:56:56.0328 2044 Scan started
09:56:56.0328 2044 Mode: Manual; SigCheck; TDLFS;
09:56:56.0328 2044 ============================================================
09:56:56.0562 2044 ================ Scan system memory ========================
09:56:56.0562 2044 System memory - ok
09:56:56.0562 2044 ================ Scan services =============================
09:56:56.0718 2044 Abiosdsk - ok
09:56:56.0734 2044 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
09:56:56.0906 2044 abp480n5 - ok
09:56:56.0953 2044 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:56:57.0046 2044 ACPI - ok
09:56:57.0062 2044 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
09:56:57.0156 2044 ACPIEC - ok
09:56:57.0171 2044 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
09:56:57.0265 2044 adpu160m - ok
09:56:57.0296 2044 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:56:57.0375 2044 aec - ok
09:56:57.0406 2044 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:56:57.0421 2044 AFD - ok
09:56:57.0453 2044 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
09:56:57.0546 2044 agp440 - ok
09:56:57.0578 2044 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
09:56:57.0671 2044 agpCPQ - ok
09:56:57.0687 2044 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
09:56:57.0750 2044 Aha154x - ok
09:56:57.0765 2044 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
09:56:57.0859 2044 aic78u2 - ok
09:56:57.0875 2044 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
09:56:57.0953 2044 aic78xx - ok
09:56:57.0984 2044 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:56:58.0078 2044 Alerter - ok
09:56:58.0093 2044 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
09:56:58.0187 2044 ALG - ok
09:56:58.0203 2044 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
09:56:58.0281 2044 AliIde - ok
09:56:58.0296 2044 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
09:56:58.0375 2044 alim1541 - ok
09:56:58.0390 2044 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
09:56:58.0484 2044 amdagp - ok
09:56:58.0500 2044 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
09:56:58.0546 2044 amsint - ok
09:56:58.0593 2044 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:56:58.0734 2044 AppMgmt - ok
09:56:58.0859 2044 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
09:56:59.0015 2044 asc - ok
09:56:59.0031 2044 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
09:56:59.0062 2044 asc3350p - ok
09:56:59.0078 2044 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
09:56:59.0156 2044 asc3550 - ok
09:56:59.0265 2044 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:56:59.0281 2044 aspnet_state - ok
09:56:59.0312 2044 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:56:59.0390 2044 AsyncMac - ok
09:56:59.0406 2044 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:56:59.0484 2044 atapi - ok
09:56:59.0484 2044 Atdisk - ok
09:56:59.0562 2044 [ 09AD298196A9F2D8F89D58F88A1EA0D4 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
09:56:59.0593 2044 Ati HotKey Poller - ok
09:56:59.0687 2044 [ 75DF4CE950DE5CAA6E68A33B36513EF6 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
09:56:59.0765 2044 ati2mtag - ok
09:56:59.0812 2044 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:56:59.0906 2044 Atmarpc - ok
09:56:59.0937 2044 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:57:00.0015 2044 AudioSrv - ok
09:57:00.0062 2044 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:57:00.0171 2044 audstub - ok
09:57:00.0218 2044 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:57:00.0312 2044 Beep - ok
09:57:00.0359 2044 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
09:57:00.0437 2044 BITS - ok
09:57:00.0500 2044 [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:57:00.0515 2044 Bonjour Service - ok
09:57:00.0531 2044 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
09:57:00.0562 2044 Browser - ok
09:57:00.0562 2044 catchme - ok
09:57:00.0609 2044 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
09:57:00.0703 2044 cbidf - ok
09:57:00.0703 2044 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:57:00.0781 2044 cbidf2k - ok
09:57:00.0828 2044 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:57:00.0906 2044 CCDECODE - ok
09:57:00.0921 2044 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
09:57:00.0953 2044 cd20xrnt - ok
09:57:00.0984 2044 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:57:01.0062 2044 Cdaudio - ok
09:57:01.0078 2044 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:57:01.0156 2044 Cdfs - ok
09:57:01.0171 2044 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:57:01.0265 2044 Cdrom - ok
09:57:01.0265 2044 Changer - ok
09:57:01.0328 2044 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:57:01.0406 2044 CiSvc - ok
09:57:01.0437 2044 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:57:01.0515 2044 ClipSrv - ok
09:57:01.0531 2044 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:57:01.0531 2044 clr_optimization_v2.0.50727_32 - ok
09:57:01.0562 2044 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
09:57:01.0656 2044 CmdIde - ok
09:57:01.0656 2044 COMSysApp - ok
09:57:01.0703 2044 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
09:57:01.0781 2044 Cpqarray - ok
09:57:01.0875 2044 [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
09:57:01.0890 2044 cpudrv - ok
09:57:01.0921 2044 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:57:02.0015 2044 CryptSvc - ok
09:57:02.0046 2044 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
09:57:02.0140 2044 dac2w2k - ok
09:57:02.0156 2044 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
09:57:02.0265 2044 dac960nt - ok
09:57:02.0328 2044 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:57:02.0375 2044 DcomLaunch - ok
09:57:02.0437 2044 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:57:02.0515 2044 Dhcp - ok
09:57:02.0546 2044 [ A22D5A027F397E412CBB2D97E8661BFF ] Diag69xp C:\WINDOWS\system32\Drivers\Diag69xp.sys
09:57:02.0562 2044 Diag69xp ( UnsignedFile.Multi.Generic ) - warning
09:57:02.0562 2044 Diag69xp - detected UnsignedFile.Multi.Generic (1)
09:57:02.0609 2044 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:57:02.0671 2044 Disk - ok
09:57:02.0703 2044 [ A0500678A33802D8954153839301D539 ] DLABMFSM C:\WINDOWS\system32\Drivers\DLABMFSM.SYS
09:57:02.0703 2044 DLABMFSM - ok
09:57:02.0703 2044 [ B8D2F68CAC54D46281399F9092644794 ] DLABOIOM C:\WINDOWS\system32\Drivers\DLABOIOM.SYS
09:57:02.0718 2044 DLABOIOM - ok
09:57:02.0718 2044 [ 0EE93AB799D1CB4EC90B36F3612FE907 ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
09:57:02.0734 2044 DLACDBHM - ok
09:57:02.0734 2044 [ 87413B94AE1FABC117C4E8AE6725134E ] DLADResM C:\WINDOWS\system32\Drivers\DLADResM.SYS
09:57:02.0734 2044 DLADResM - ok
09:57:02.0750 2044 [ 766A148235BE1C0039C974446E4C0EDC ] DLAIFS_M C:\WINDOWS\system32\Drivers\DLAIFS_M.SYS
09:57:02.0750 2044 DLAIFS_M - ok
09:57:02.0750 2044 [ 38267CCA177354F1C64450A43A4F7627 ] DLAOPIOM C:\WINDOWS\system32\Drivers\DLAOPIOM.SYS
09:57:02.0765 2044 DLAOPIOM - ok
09:57:02.0765 2044 [ FD363369FD313B46B5AEAB1A688B52E9 ] DLAPoolM C:\WINDOWS\system32\Drivers\DLAPoolM.SYS
09:57:02.0765 2044 DLAPoolM - ok
09:57:02.0781 2044 [ 336AE18F0912EF4FBE5518849E004D74 ] DLARTL_M C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
09:57:02.0781 2044 DLARTL_M - ok
09:57:02.0781 2044 [ FD85F682C1CC2A7CA878C7A448E6D87E ] DLAUDFAM C:\WINDOWS\system32\Drivers\DLAUDFAM.SYS
09:57:02.0796 2044 DLAUDFAM - ok
09:57:02.0828 2044 [ AF389CE587B6BF5BBDCD6F6ABE5EABC0 ] DLAUDF_M C:\WINDOWS\system32\Drivers\DLAUDF_M.SYS
09:57:02.0828 2044 DLAUDF_M - ok
09:57:02.0828 2044 dmadmin - ok
09:57:02.0875 2044 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:57:02.0984 2044 dmboot - ok
09:57:03.0000 2044 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:57:03.0078 2044 dmio - ok
09:57:03.0093 2044 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:57:03.0187 2044 dmload - ok
09:57:03.0218 2044 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
09:57:03.0296 2044 dmserver - ok
09:57:03.0312 2044 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:57:03.0406 2044 DMusic - ok
09:57:03.0421 2044 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:57:03.0453 2044 Dnscache - ok
09:57:03.0484 2044 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
09:57:03.0546 2044 Dot3svc - ok
09:57:03.0578 2044 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
09:57:03.0671 2044 dpti2o - ok
09:57:03.0671 2044 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:57:03.0750 2044 drmkaud - ok
09:57:03.0812 2044 [ 5D3B71BB2BB0009D65D290E2EF374BD3 ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
09:57:03.0812 2044 DRVMCDB - ok
09:57:03.0859 2044 [ C591BA9F96F40A1FD6494DAFDCD17185 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
09:57:03.0875 2044 DRVNDDM - ok
09:57:03.0906 2044 [ C42009E37E377AE55968768E521E05C3 ] E1000 C:\WINDOWS\system32\DRIVERS\e1000325.sys
09:57:03.0906 2044 E1000 - ok
09:57:03.0937 2044 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
09:57:04.0031 2044 E100B - ok
09:57:04.0078 2044 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:57:04.0156 2044 EapHost - ok
09:57:04.0203 2044 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:57:04.0281 2044 ERSvc - ok
09:57:04.0328 2044 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
09:57:04.0359 2044 Eventlog - ok
09:57:04.0390 2044 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
09:57:04.0421 2044 EventSystem - ok
09:57:04.0453 2044 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:57:04.0515 2044 Fastfat - ok
09:57:04.0562 2044 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:57:04.0578 2044 FastUserSwitchingCompatibility - ok
09:57:04.0625 2044 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
09:57:04.0703 2044 Fax - ok
09:57:04.0734 2044 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
09:57:04.0812 2044 Fdc - ok
09:57:04.0843 2044 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:57:04.0937 2044 Fips - ok
09:57:04.0968 2044 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:57:05.0031 2044 Flpydisk - ok
09:57:05.0062 2044 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:57:05.0140 2044 FltMgr - ok
09:57:05.0203 2044 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:57:05.0203 2044 FontCache3.0.0.0 - ok
09:57:05.0218 2044 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:57:05.0312 2044 Fs_Rec - ok
09:57:05.0343 2044 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:57:05.0437 2044 Ftdisk - ok
09:57:05.0515 2044 [ FF0E0E6E5768B82BEAD44BFBCB9BDFE6 ] GoogleDesktopManager-010708-104812 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
09:57:05.0531 2044 GoogleDesktopManager-010708-104812 - ok
09:57:05.0562 2044 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
09:57:05.0562 2044 GoToAssist - ok
09:57:05.0609 2044 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:57:05.0687 2044 Gpc - ok
09:57:05.0734 2044 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:57:05.0734 2044 gupdate - ok
09:57:05.0750 2044 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:57:05.0750 2044 gupdatem - ok
09:57:05.0812 2044 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:57:05.0812 2044 gusvc - ok
09:57:05.0875 2044 [ 56BF27D7A539F9E6BBC1DE201ABA0EDF ] HdAudAddService C:\WINDOWS\system32\drivers\AtiHdAud.sys
09:57:05.0890 2044 HdAudAddService - ok
09:57:05.0921 2044 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:57:06.0015 2044 HDAudBus - ok
09:57:06.0078 2044 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:57:06.0187 2044 helpsvc - ok
09:57:06.0187 2044 HidServ - ok
09:57:06.0218 2044 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:57:06.0312 2044 HidUsb - ok
09:57:06.0359 2044 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
09:57:06.0437 2044 hkmsvc - ok
09:57:06.0484 2044 [ 80D465483CECC76B6D1EE05C8FB6BD3F ] hnmsvc C:\Program Files\Dell Network Assistant\hnm_svc.exe
09:57:06.0500 2044 hnmsvc - ok
09:57:06.0515 2044 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
09:57:06.0593 2044 hpn - ok
09:57:06.0625 2044 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
09:57:06.0640 2044 HTCAND32 - ok
09:57:06.0671 2044 [ 04E3B3554076B8192A668EFE88A682A1 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys
09:57:06.0687 2044 htcnprot - ok
09:57:06.0718 2044 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
09:57:06.0750 2044 HTTP - ok
09:57:06.0781 2044 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
09:57:06.0859 2044 HTTPFilter - ok
09:57:06.0890 2044 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
09:57:06.0984 2044 i2omgmt - ok
09:57:07.0000 2044 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
09:57:07.0078 2044 i2omp - ok
09:57:07.0093 2044 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:57:07.0187 2044 i8042prt - ok
09:57:07.0203 2044 [ E5A0034847537EAEE3C00349D5C34C5F ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
09:57:07.0218 2044 iaStor - ok
09:57:07.0281 2044 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:57:07.0296 2044 IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:57:07.0296 2044 IDriverT - detected UnsignedFile.Multi.Generic (1)
09:57:07.0343 2044 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:57:07.0390 2044 idsvc - ok
09:57:07.0406 2044 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
09:57:07.0500 2044 Imapi - ok
09:57:07.0531 2044 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
09:57:07.0609 2044 ImapiService - ok
09:57:07.0640 2044 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
09:57:07.0750 2044 ini910u - ok
09:57:07.0890 2044 [ 811B31E0E0AC7BE484EFBFFC42AFCBBE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:57:08.0046 2044 IntcAzAudAddService - ok
09:57:08.0093 2044 [ D27F21B7B41DF2EA1D4E7A999D3C998B ] Intel® PROSet Monitoring Service C:\WINDOWS\system32\IProsetMonitor.exe
09:57:08.0093 2044 Intel® PROSet Monitoring Service - ok
09:57:08.0140 2044 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
09:57:08.0234 2044 IntelIde - ok
09:57:08.0265 2044 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:57:08.0375 2044 intelppm - ok
09:57:08.0390 2044 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
09:57:08.0500 2044 Ip6Fw - ok
09:57:08.0531 2044 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:57:08.0656 2044 IpFilterDriver - ok
09:57:08.0671 2044 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:57:08.0781 2044 IpInIp - ok
09:57:08.0812 2044 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:57:08.0906 2044 IpNat - ok
09:57:08.0968 2044 [ 05CF6A56FBF436C347BB87FD1957ADC1 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:57:08.0984 2044 iPod Service - ok
09:57:09.0015 2044 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:57:09.0125 2044 IPSec - ok
09:57:09.0171 2044 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
09:57:09.0281 2044 IRENUM - ok
09:57:09.0312 2044 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:57:09.0406 2044 isapnp - ok
09:57:09.0468 2044 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
09:57:09.0484 2044 JavaQuickStarterService - ok
09:57:09.0484 2044 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:57:09.0562 2044 Kbdclass - ok
09:57:09.0562 2044 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:57:09.0640 2044 kbdhid - ok
09:57:09.0687 2044 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
09:57:09.0765 2044 kmixer - ok
09:57:09.0796 2044 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
09:57:09.0796 2044 KSecDD - ok
09:57:09.0859 2044 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
09:57:09.0875 2044 lanmanserver - ok
09:57:09.0890 2044 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:57:09.0906 2044 lanmanworkstation - ok
09:57:09.0921 2044 lbrtfdc - ok
09:57:09.0968 2044 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
09:57:10.0031 2044 LmHosts - ok
09:57:10.0109 2044 [ 63DAF163D1617DD611BD0AB8E41A43E8 ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
09:57:10.0125 2044 LMIGuardianSvc - ok
09:57:10.0171 2044 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
09:57:10.0171 2044 LMIInfo - ok
09:57:10.0187 2044 [ 175F50F37EEAA1D4D744BCCCBB7CF68C ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
09:57:10.0187 2044 LMIMaint - ok
09:57:10.0250 2044 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
09:57:10.0250 2044 lmimirr - ok
09:57:10.0265 2044 LMIRfsClientNP - ok
09:57:10.0281 2044 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
09:57:10.0281 2044 LMIRfsDriver - ok
09:57:10.0328 2044 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
09:57:10.0343 2044 LogMeIn - ok
09:57:10.0437 2044 [ F8B823414A22DBF3BEC10DCAA5F93CD8 ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
09:57:10.0453 2044 McciCMService ( UnsignedFile.Multi.Generic ) - warning
09:57:10.0453 2044 McciCMService - detected UnsignedFile.Multi.Generic (1)
09:57:10.0484 2044 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
09:57:10.0609 2044 Messenger - ok
09:57:10.0656 2044 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
09:57:10.0765 2044 mnmdd - ok
09:57:10.0828 2044 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
09:57:10.0937 2044 mnmsrvc - ok
09:57:10.0984 2044 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
09:57:11.0093 2044 Modem - ok
09:57:11.0109 2044 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:57:11.0234 2044 Mouclass - ok
09:57:11.0265 2044 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:57:11.0390 2044 mouhid - ok
09:57:11.0421 2044 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
09:57:11.0515 2044 MountMgr - ok
09:57:11.0531 2044 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
09:57:11.0546 2044 MpFilter - ok
09:57:11.0656 2044 MpKsl3ce97850 - ok
09:57:11.0671 2044 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
09:57:11.0781 2044 mraid35x - ok
09:57:11.0812 2044 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
09:57:11.0843 2044 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
09:57:11.0843 2044 MREMP50 - detected UnsignedFile.Multi.Generic (1)
09:57:11.0875 2044 [ 2BC9E43F55DE8C30FC817ED56D0EE907 ] MREMPR5 C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
09:57:11.0906 2044 MREMPR5 ( UnsignedFile.Multi.Generic ) - warning
09:57:11.0906 2044 MREMPR5 - detected UnsignedFile.Multi.Generic (1)
09:57:11.0921 2044 [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] MRENDIS5 C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
09:57:11.0921 2044 MRENDIS5 ( UnsignedFile.Multi.Generic ) - warning
09:57:11.0921 2044 MRENDIS5 - detected UnsignedFile.Multi.Generic (1)
09:57:11.0953 2044 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
09:57:11.0968 2044 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
09:57:11.0968 2044 MRESP50 - detected UnsignedFile.Multi.Generic (1)
09:57:11.0984 2044 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:57:12.0046 2044 MRxDAV - ok
09:57:12.0093 2044 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:57:12.0125 2044 MRxSmb - ok
09:57:12.0171 2044 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
09:57:12.0281 2044 MSDTC - ok
09:57:12.0296 2044 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:57:12.0390 2044 Msfs - ok
09:57:12.0390 2044 MSIServer - ok
09:57:12.0406 2044 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:57:12.0500 2044 MSKSSRV - ok
09:57:12.0562 2044 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:57:12.0562 2044 MsMpSvc - ok
09:57:12.0593 2044 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:57:12.0687 2044 MSPCLOCK - ok
09:57:12.0703 2044 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:57:12.0796 2044 MSPQM - ok
09:57:12.0812 2044 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:57:12.0875 2044 mssmbios - ok
09:57:12.0906 2044 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
09:57:12.0984 2044 MSTEE - ok
09:57:13.0000 2044 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
09:57:13.0015 2044 Mup - ok
09:57:13.0046 2044 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:57:13.0140 2044 NABTSFEC - ok
09:57:13.0156 2044 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
09:57:13.0250 2044 napagent - ok
09:57:13.0265 2044 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
09:57:13.0343 2044 NDIS - ok
09:57:13.0375 2044 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:57:13.0437 2044 NdisIP - ok
09:57:13.0468 2044 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:57:13.0500 2044 NdisTapi - ok
09:57:13.0515 2044 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:57:13.0593 2044 Ndisuio - ok
09:57:13.0593 2044 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:57:13.0671 2044 NdisWan - ok
09:57:13.0703 2044 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
09:57:13.0718 2044 NDProxy - ok
09:57:13.0718 2044 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
09:57:13.0796 2044 NetBIOS - ok
09:57:13.0828 2044 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:57:13.0906 2044 NetBT - ok
09:57:13.0937 2044 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
09:57:14.0031 2044 NetDDE - ok
09:57:14.0031 2044 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
09:57:14.0093 2044 NetDDEdsdm - ok
09:57:14.0125 2044 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:57:14.0218 2044 Netlogon - ok
09:57:14.0250 2044 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
09:57:14.0328 2044 Netman - ok
09:57:14.0359 2044 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:57:14.0375 2044 NetTcpPortSharing - ok
09:57:14.0406 2044 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
09:57:14.0421 2044 Nla - ok
09:57:14.0421 2044 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:57:14.0484 2044 Npfs - ok
09:57:14.0500 2044 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
09:57:14.0593 2044 Ntfs - ok
09:57:14.0593 2044 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
09:57:14.0671 2044 NtLmSsp - ok
09:57:14.0703 2044 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
09:57:14.0796 2044 NtmsSvc - ok
09:57:14.0812 2044 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
09:57:14.0890 2044 Null - ok
09:57:14.0953 2044 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:57:15.0078 2044 nv - ok
09:57:15.0109 2044 [ 67FB86EEB94059177642050718D57460 ] NWADI C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
09:57:15.0140 2044 NWADI - ok
09:57:15.0156 2044 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:57:15.0250 2044 NwlnkFlt - ok
09:57:15.0265 2044 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:57:15.0359 2044 NwlnkFwd - ok
09:57:15.0375 2044 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
09:57:15.0453 2044 NwlnkIpx - ok
09:57:15.0453 2044 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
09:57:15.0546 2044 NwlnkNb - ok
09:57:15.0562 2044 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
09:57:15.0640 2044 NwlnkSpx - ok
09:57:15.0671 2044 [ 4E651808B35656AC88A4DCDAF6CC1169 ] NWUSBModem C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys
09:57:15.0687 2044 NWUSBModem - ok
09:57:15.0703 2044 [ 4E651808B35656AC88A4DCDAF6CC1169 ] NWUSBPort C:\WINDOWS\system32\DRIVERS\nwusbser.sys
09:57:15.0718 2044 NWUSBPort - ok
09:57:15.0734 2044 [ 4E651808B35656AC88A4DCDAF6CC1169 ] NWUSBPort2 C:\WINDOWS\system32\DRIVERS\nwusbser2.sys
09:57:15.0750 2044 NWUSBPort2 - ok
09:57:15.0906 2044 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:57:15.0921 2044 odserv - ok
09:57:16.0015 2044 [ 99182635DC861858310BAAA6FB138824 ] OSCM Utility Service C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe
09:57:16.0031 2044 OSCM Utility Service ( UnsignedFile.Multi.Generic ) - warning
09:57:16.0031 2044 OSCM Utility Service - detected UnsignedFile.Multi.Generic (1)
09:57:16.0062 2044 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:57:16.0078 2044 ose - ok
09:57:16.0125 2044 [ 8F856DAE19383BD69DB444004D5D4F50 ] Packet C:\WINDOWS\system32\DRIVERS\packet.sys
09:57:16.0140 2044 Packet ( UnsignedFile.Multi.Generic ) - warning
09:57:16.0140 2044 Packet - detected UnsignedFile.Multi.Generic (1)
09:57:16.0156 2044 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
09:57:16.0250 2044 Parport - ok
09:57:16.0250 2044 Partizan - ok
09:57:16.0296 2044 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
09:57:16.0390 2044 PartMgr - ok
09:57:16.0406 2044 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
09:57:16.0515 2044 ParVdm - ok
09:57:16.0546 2044 [ A1E779A0CF7A21B42E8FD3E8856D8481 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
09:57:16.0562 2044 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
09:57:16.0562 2044 PassThru Service - detected UnsignedFile.Multi.Generic (1)
09:57:16.0562 2044 PCAMPR5 - ok
09:57:16.0625 2044 [ 803C8E7F4D00FE832C1F3871514FEC85 ] PCASp50 C:\WINDOWS\system32\Drivers\PCASp50.sys
09:57:16.0640 2044 PCASp50 ( UnsignedFile.Multi.Generic ) - warning
09:57:16.0640 2044 PCASp50 - detected UnsignedFile.Multi.Generic (1)
09:57:16.0656 2044 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
09:57:16.0750 2044 PCI - ok
09:57:16.0750 2044 PCIDump - ok
09:57:16.0765 2044 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
09:57:16.0906 2044 PCIIde - ok
09:57:16.0937 2044 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
09:57:17.0046 2044 Pcmcia - ok
09:57:17.0046 2044 PDCOMP - ok
09:57:17.0078 2044 PDFRAME - ok
09:57:17.0109 2044 PDRELI - ok
09:57:17.0125 2044 PDRFRAME - ok
09:57:17.0140 2044 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
09:57:17.0218 2044 perc2 - ok
09:57:17.0234 2044 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:57:17.0312 2044 perc2hib - ok
09:57:17.0390 2044 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
09:57:17.0421 2044 PlugPlay - ok
09:57:17.0421 2044 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
09:57:17.0484 2044 PolicyAgent - ok
09:57:17.0515 2044 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:57:17.0593 2044 PptpMiniport - ok
09:57:17.0593 2044 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:57:17.0656 2044 ProtectedStorage - ok
09:57:17.0656 2044 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
09:57:17.0750 2044 PSched - ok
09:57:17.0828 2044 [ 5D059E1F56576A9264D2243D0C8DD7FA ] psqlWGE C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
09:57:17.0843 2044 psqlWGE - ok
09:57:17.0875 2044 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:57:17.0968 2044 Ptilink - ok
09:57:18.0000 2044 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:57:18.0015 2044 PxHelp20 - ok
09:57:18.0031 2044 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:57:18.0140 2044 ql1080 - ok
09:57:18.0171 2044 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:57:18.0234 2044 Ql10wnt - ok
09:57:18.0250 2044 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:57:18.0328 2044 ql12160 - ok
09:57:18.0343 2044 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:57:18.0437 2044 ql1240 - ok
09:57:18.0453 2044 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:57:18.0546 2044 ql1280 - ok
09:57:18.0562 2044 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:57:18.0625 2044 RasAcd - ok
09:57:18.0671 2044 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:57:18.0750 2044 RasAuto - ok
09:57:18.0781 2044 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:57:18.0859 2044 Rasl2tp - ok
09:57:18.0906 2044 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:57:19.0000 2044 RasMan - ok
09:57:19.0015 2044 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:57:19.0078 2044 RasPppoe - ok
09:57:19.0093 2044 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:57:19.0171 2044 Raspti - ok
09:57:19.0203 2044 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:57:19.0265 2044 Rdbss - ok
09:57:19.0281 2044 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:57:19.0359 2044 RDPCDD - ok
09:57:19.0390 2044 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:57:19.0453 2044 rdpdr - ok
09:57:19.0484 2044 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:57:19.0515 2044 RDPWD - ok
09:57:19.0546 2044 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:57:19.0625 2044 RDSessMgr - ok
09:57:19.0671 2044 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:57:19.0750 2044 redbook - ok
09:57:19.0796 2044 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:57:19.0890 2044 RemoteAccess - ok
09:57:19.0921 2044 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:57:20.0000 2044 RemoteRegistry - ok
09:57:20.0000 2044 RimUsb - ok
09:57:20.0078 2044 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
09:57:20.0093 2044 RimVSerPort - ok
09:57:20.0156 2044 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
09:57:20.0250 2044 ROOTMODEM - ok
09:57:20.0312 2044 [ AFD61A7C48A3E15C86A6FADF0B69A2E4 ] Roxio UPnP Renderer 9 C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
09:57:20.0328 2044 Roxio UPnP Renderer 9 - ok
09:57:20.0343 2044 [ EFBB36E2BB02169D26E9980778FC20D3 ] Roxio Upnp Server 9 C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
09:57:20.0359 2044 Roxio Upnp Server 9 - ok
09:57:20.0468 2044 [ 78E680A105F47B6AA0003BD23ED9FA51 ] RoxLiveShare9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
09:57:20.0484 2044 RoxLiveShare9 - ok
09:57:20.0531 2044 [ 9D5C024170C376D7CC66ED853FDA9068 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
09:57:20.0562 2044 RoxMediaDB9 - ok
09:57:20.0593 2044 [ 87F175539DBBA297018AA7FCDD563FF7 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
09:57:20.0609 2044 RoxWatch9 - ok
09:57:20.0625 2044 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
09:57:20.0703 2044 RpcLocator - ok
09:57:20.0718 2044 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
09:57:20.0750 2044 RpcSs - ok
09:57:20.0765 2044 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
09:57:20.0859 2044 RSVP - ok
09:57:20.0906 2044 [ 471E91C38BD05CB024F9C02017235424 ] RTL8023 C:\WINDOWS\system32\DRIVERS\GA311ND5.SYS
09:57:20.0906 2044 RTL8023 ( UnsignedFile.Multi.Generic ) - warning
09:57:20.0906 2044 RTL8023 - detected UnsignedFile.Multi.Generic (1)
09:57:20.0937 2044 [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
09:57:20.0953 2044 RTLE8023xp - ok
09:57:20.0984 2044 [ B9CA69921379EA2931C4450FE975BCE7 ] RTLVLAN C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS
09:57:20.0984 2044 RTLVLAN - ok
09:57:21.0093 2044 [ CCB8B892941AC394E29F0B39E71717FF ] Sage 50 SmartPosting 2013 C:\Program Files\Sage\Peachtree\SmartPostingService2013.exe
09:57:21.0109 2044 Sage 50 SmartPosting 2013 - ok
09:57:21.0156 2044 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
09:57:21.0218 2044 SamSs - ok
09:57:21.0234 2044 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:57:21.0296 2044 SCardSvr - ok
09:57:21.0343 2044 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:57:21.0437 2044 Schedule - ok
09:57:21.0468 2044 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:57:21.0546 2044 Secdrv - ok
09:57:21.0593 2044 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:57:21.0671 2044 seclogon - ok
09:57:21.0687 2044 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
09:57:21.0765 2044 SENS - ok
09:57:21.0812 2044 [ B490AD520257DDA26C1D587A71E527B5 ] Ser2pl C:\WINDOWS\system32\DRIVERS\ser2pl.sys
09:57:21.0828 2044 Ser2pl - ok
09:57:21.0859 2044 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
09:57:21.0921 2044 serenum - ok
09:57:21.0953 2044 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
09:57:22.0031 2044 Serial - ok
09:57:22.0093 2044 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:57:22.0171 2044 Sfloppy - ok
09:57:22.0218 2044 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:57:22.0296 2044 SharedAccess - ok
09:57:22.0343 2044 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:57:22.0343 2044 ShellHWDetection - ok
09:57:22.0343 2044 Simbad - ok
09:57:22.0390 2044 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:57:22.0453 2044 sisagp - ok
09:57:22.0484 2044 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:57:22.0562 2044 SLIP - ok
09:57:22.0609 2044 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:57:22.0640 2044 Sparrow - ok
09:57:22.0656 2044 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:57:22.0734 2044 splitter - ok
09:57:22.0765 2044 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:57:22.0781 2044 Spooler - ok
09:57:22.0812 2044 sprtsvc_dellsupportcenter - ok
09:57:22.0828 2044 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:57:22.0906 2044 sr - ok
09:57:22.0937 2044 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
09:57:23.0015 2044 srservice - ok
09:57:23.0046 2044 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:57:23.0078 2044 Srv - ok
09:57:23.0093 2044 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:57:23.0171 2044 SSDPSRV - ok
09:57:23.0187 2044 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:57:23.0281 2044 stisvc - ok
09:57:23.0328 2044 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:57:23.0328 2044 stllssvr ( UnsignedFile.Multi.Generic ) - warning
09:57:23.0328 2044 stllssvr - detected UnsignedFile.Multi.Generic (1)
09:57:23.0375 2044 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:57:23.0453 2044 streamip - ok
09:57:23.0468 2044 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:57:23.0562 2044 swenum - ok
09:57:23.0593 2044 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:57:23.0671 2044 swmidi - ok
09:57:23.0671 2044 SwPrv - ok
09:57:23.0734 2044 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
09:57:23.0812 2044 symc810 - ok
09:57:23.0828 2044 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:57:23.0921 2044 symc8xx - ok
09:57:23.0937 2044 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:57:24.0031 2044 sym_hi - ok
09:57:24.0062 2044 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:57:24.0140 2044 sym_u3 - ok
09:57:24.0187 2044 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:57:24.0265 2044 sysaudio - ok
09:57:24.0312 2044 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:57:24.0375 2044 SysmonLog - ok
09:57:24.0421 2044 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:57:24.0484 2044 TapiSrv - ok
09:57:24.0531 2044 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:57:24.0562 2044 Tcpip - ok
09:57:24.0609 2044 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:57:24.0671 2044 TDPIPE - ok
09:57:24.0687 2044 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:57:24.0765 2044 TDTCP - ok
09:57:24.0796 2044 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:57:24.0890 2044 TermDD - ok
09:57:24.0921 2044 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
09:57:25.0000 2044 TermService - ok
09:57:25.0031 2044 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
09:57:25.0031 2044 Themes - ok
09:57:25.0078 2044 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
09:57:25.0156 2044 TlntSvr - ok
09:57:25.0187 2044 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
09:57:25.0265 2044 TosIde - ok
09:57:25.0296 2044 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:57:25.0375 2044 TrkWks - ok
09:57:25.0406 2044 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:57:25.0500 2044 Udfs - ok
09:57:25.0515 2044 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
09:57:25.0562 2044 ultra - ok
09:57:25.0609 2044 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
09:57:25.0687 2044 Update - ok
09:57:25.0718 2044 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
09:57:25.0796 2044 upnphost - ok
09:57:25.0828 2044 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
09:57:25.0921 2044 UPS - ok
09:57:25.0968 2044 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
09:57:26.0046 2044 usbaudio - ok
09:57:26.0062 2044 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:57:26.0156 2044 usbccgp - ok
09:57:26.0187 2044 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:57:26.0265 2044 usbehci - ok
09:57:26.0281 2044 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:57:26.0375 2044 usbhub - ok
09:57:26.0406 2044 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:57:26.0484 2044 usbprint - ok
09:57:26.0531 2044 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:57:26.0609 2044 usbscan - ok
09:57:26.0656 2044 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:57:26.0718 2044 USBSTOR - ok
09:57:26.0765 2044 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:57:26.0843 2044 usbuhci - ok
09:57:26.0875 2044 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
09:57:26.0937 2044 usbvideo - ok
09:57:26.0968 2044 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:57:27.0031 2044 VgaSave - ok
09:57:27.0078 2044 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:57:27.0140 2044 viaagp - ok
09:57:27.0156 2044 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
09:57:27.0250 2044 ViaIde - ok
09:57:27.0265 2044 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:57:27.0328 2044 VolSnap - ok
09:57:27.0375 2044 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
09:57:27.0437 2044 VSS - ok
09:57:27.0468 2044 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
09:57:27.0562 2044 w32time - ok
09:57:27.0609 2044 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:57:27.0687 2044 Wanarp - ok
09:57:27.0734 2044 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
09:57:27.0750 2044 Wdf01000 - ok
09:57:27.0750 2044 WDICA - ok
09:57:27.0781 2044 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:57:27.0875 2044 wdmaud - ok
09:57:27.0906 2044 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:57:27.0984 2044 WebClient - ok
09:57:28.0062 2044 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:57:28.0140 2044 winmgmt - ok
09:57:28.0187 2044 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
09:57:28.0203 2044 WinUSB - ok
09:57:28.0234 2044 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:57:28.0234 2044 WmdmPmSN - ok
09:57:28.0265 2044 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
09:57:28.0312 2044 Wmi - ok
09:57:28.0343 2044 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:57:28.0421 2044 WmiApSrv - ok
09:57:28.0515 2044 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
09:57:28.0562 2044 WMPNetworkSvc - ok
09:57:28.0578 2044 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:57:28.0593 2044 WpdUsb - ok
09:57:28.0625 2044 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:57:28.0718 2044 WS2IFSL - ok
09:57:28.0750 2044 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:57:28.0828 2044 wscsvc - ok
09:57:28.0859 2044 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:57:28.0953 2044 WSTCODEC - ok
09:57:28.0984 2044 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:57:29.0046 2044 wuauserv - ok
09:57:29.0093 2044 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:57:29.0109 2044 WudfPf - ok
09:57:29.0156 2044 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:57:29.0171 2044 WUDFRd - ok
09:57:29.0203 2044 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
09:57:29.0234 2044 WudfSvc - ok
09:57:29.0265 2044 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:57:29.0359 2044 WZCSVC - ok
09:57:29.0390 2044 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:57:29.0468 2044 xmlprov - ok
09:57:29.0531 2044 ================ Scan global ===============================
09:57:29.0578 2044 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:57:29.0625 2044 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:57:29.0625 2044 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:57:29.0640 2044 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:57:29.0640 2044 [Global] - ok
09:57:29.0640 2044 ================ Scan MBR ==================================
09:57:29.0671 2044 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:57:29.0953 2044 \Device\Harddisk0\DR0 - ok
09:57:29.0953 2044 ================ Scan VBR ==================================
09:57:29.0953 2044 [ 8DA5ED66222F6D94601547602F8CEFA0 ] \Device\Harddisk0\DR0\Partition1
09:57:29.0953 2044 \Device\Harddisk0\DR0\Partition1 - ok
09:57:29.0968 2044 ============================================================
09:57:29.0968 2044 Scan finished
09:57:29.0968 2044 ============================================================
09:57:30.0078 3108 Detected object count: 13
09:57:30.0078 3108 Actual detected object count: 13
09:57:33.0187 3108 Diag69xp ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0187 3108 Diag69xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0187 3108 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0187 3108 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0203 3108 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0203 3108 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0203 3108 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0203 3108 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0218 3108 MREMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0218 3108 MREMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0218 3108 MRENDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0218 3108 MRENDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0218 3108 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0218 3108 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0234 3108 OSCM Utility Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0234 3108 OSCM Utility Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0234 3108 Packet ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0234 3108 Packet ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0234 3108 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0234 3108 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0250 3108 PCASp50 ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0250 3108 PCASp50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0250 3108 RTL8023 ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0250 3108 RTL8023 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:57:33.0250 3108 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
09:57:33.0250 3108 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

Edited by mikebz5, 24 August 2012 - 08:58 AM.


#5
ali.B


    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Download and Install ComboFix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If, after the reboot, you get errors about programmes being marked for deletion, then reboot; that will cure it.


#6
mikebz5


    Member

  • Topic Starter
  • Member
  • 10 posts
ComboFix 12-08-24.01 - MikeB 08/24/2012 10:40:50.2.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2596 [GMT -5:00]
Running from: c:\documents and settings\MikeB\My Documents\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2012-07-24 to 2012-08-24 )))))))))))))))))))))))))))))))
.
.
2012-08-24 13:01 . 2012-08-24 14:08 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2012-08-24 13:01 . 2012-08-24 13:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Common Files
2012-08-24 12:27 . 2012-08-24 12:27 -------- d-----w- C:\_OTM
2012-08-24 07:30 . 2012-08-24 07:30 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE785E42-BB16-494C-8C17-99BE3724D38F}\offreg.dll
2012-08-24 07:29 . 2012-08-01 22:51 7023536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE785E42-BB16-494C-8C17-99BE3724D38F}\mpengine.dll
2012-08-23 17:52 . 2012-08-01 22:51 7023536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-23 16:24 . 2012-08-24 12:49 -------- d-----w- c:\documents and settings\All Users\Application Data\RegRun
2012-08-23 16:24 . 2012-08-23 16:24 2 --s-atr- c:\windows\winstart.bat
2012-08-23 16:24 . 2012-08-24 12:50 -------- d-----w- c:\program files\UnHackMe
2012-08-23 15:27 . 2012-08-23 15:52 -------- d-----w- c:\program files\PC Tools
2012-08-23 15:23 . 2012-06-22 20:34 203120 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-08-23 15:23 . 2012-08-23 15:52 -------- d-----w- c:\program files\Common Files\PC Tools
2012-08-23 15:23 . 2012-08-23 15:51 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2012-08-23 15:23 . 2012-08-23 15:23 -------- d-----w- c:\documents and settings\MikeB\Application Data\TestApp
2012-08-23 12:21 . 2012-08-23 12:22 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro
2012-08-16 19:18 . 2012-08-16 19:28 -------- d-----w- c:\documents and settings\MikeB\jmeeting
2012-08-15 18:33 . 2008-04-13 17:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2012-08-15 18:33 . 2008-04-13 17:45 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
2012-08-15 18:33 . 2001-08-18 03:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2012-08-15 18:33 . 2008-04-13 23:12 159232 ----a-w- c:\windows\system32\ptpusd.dll
2012-08-14 14:46 . 2012-08-14 14:46 -------- d-----w- C:\Intel17.2
2012-08-14 14:36 . 2012-06-19 21:01 295832 ----a-w- c:\windows\system32\PROUnstl.exe
2012-08-14 12:54 . 2012-08-14 12:54 -------- d-----w- c:\program files\iPod
2012-08-13 17:03 . 2012-08-13 17:03 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2012-08-13 17:02 . 2012-08-13 17:02 -------- d-s---w- c:\documents and settings\Administrator\IETldCache
2012-08-13 16:50 . 2012-08-13 16:50 -------- d-----w- c:\documents and settings\MikeB\Local Settings\Application Data\Sun
2012-08-13 16:45 . 2012-08-13 16:45 -------- d-----w- c:\program files\Oracle
2012-08-13 16:45 . 2012-08-13 16:45 -------- d-----w- c:\documents and settings\MikeB\Application Data\Oracle
2012-08-13 16:45 . 2012-07-06 03:06 772544 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-13 16:44 . 2012-08-13 16:44 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2012-08-13 15:10 . 2012-08-13 15:10 -------- d-----w- c:\program files\Cisco Systems
2012-08-13 15:03 . 2012-08-13 15:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Cisco Systems
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2012-07-27 15:46 . 2008-08-28 23:37 41080 ----a-w- c:\windows\system32\NicInstG.dll
2012-07-27 15:46 . 2007-08-07 08:28 28272 ----a-w- c:\windows\system32\NicCo2.dll
2012-07-27 15:46 . 2008-08-20 20:18 171152 ----a-w- c:\windows\system32\drivers\e1000325.sys
2012-07-27 15:46 . 2007-12-14 18:06 121440 ----a-w- c:\windows\system32\e1000msg.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-14 17:28 . 2009-11-19 03:01 83392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-08-14 17:28 . 2009-11-19 03:01 52128 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2012-08-14 17:28 . 2009-11-19 03:01 30624 ----a-w- c:\windows\system32\LMIport.dll
2012-08-14 17:28 . 2009-11-19 03:01 87456 ----a-w- c:\windows\system32\LMIinit.dll
2012-08-13 17:27 . 2009-07-09 11:08 256 ----a-w- c:\documents and settings\MikeB\pool.bin
2012-07-12 11:46 . 2012-05-11 15:46 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 11:46 . 2011-07-30 13:16 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-11 22:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-06 03:07 . 2008-08-13 20:34 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-06 03:06 . 2010-08-23 18:29 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-05 15:10 . 2009-09-10 17:12 804 ----a-w- c:\windows\PSODBCEI.reg
2012-07-05 15:10 . 2009-09-10 17:12 804 ----a-w- c:\windows\PSODBCCI.reg
2012-07-05 15:10 . 2009-09-10 17:12 610 ----a-w- c:\windows\PSOA.reg
2012-07-05 15:10 . 2009-09-10 17:12 18798 ----a-w- c:\windows\PriorPervasive.reg
2012-07-04 14:05 . 2004-08-11 22:11 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:46 . 2009-09-10 16:35 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 13:40 . 2004-08-11 22:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:52 . 2012-07-02 17:52 682296 ----a-w- c:\windows\system32\ncs2dmix.dll
2012-07-02 17:52 . 2012-07-02 17:52 559416 ----a-w- c:\windows\system32\accesor.dll
2012-07-02 17:49 . 2004-08-11 22:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2004-08-11 22:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2004-08-11 22:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 17:41 . 2012-07-02 17:41 163128 ----a-w- c:\windows\system32\ncs2instutility.dll
2012-07-02 17:36 . 2012-07-02 17:36 2378552 ----a-w- c:\windows\system32\ncscolib.dll
2012-07-02 12:05 . 2004-08-11 22:00 385024 ------w- c:\windows\system32\html.iec
2012-06-27 22:26 . 2012-06-27 22:26 171008 ----a-w- c:\windows\system32\Ncs2Setp.dll
2012-06-25 21:04 . 2012-06-25 21:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-15 14:06 . 2008-08-13 20:47 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-06-15 14:06 . 2008-08-13 20:47 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-06-15 11:07 . 2012-06-15 11:07 120720 ----a-w- c:\windows\system32\drivers\ianswxp.sys
2012-06-07 01:59 . 2012-06-07 01:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 14:19 . 2012-06-06 14:19 31080 ----a-w- c:\windows\system32\drivers\iqvw32.sys
2012-06-05 22:40 . 2012-06-05 22:40 133992 ----a-w- c:\windows\system32\IPROSetMonitor.exe
2012-06-05 15:50 . 2009-08-19 23:07 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-11 22:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 22:35 . 2010-12-30 11:15 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32 . 2004-08-11 22:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 20:19 . 2007-07-31 00:18 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 20:19 . 2007-07-31 00:19 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 20:19 . 2004-08-11 22:12 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 20:19 . 2004-08-11 22:12 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 20:19 . 2004-08-11 22:12 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 20:19 . 2007-07-31 00:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 20:19 . 2007-07-31 00:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 20:19 . 2004-08-11 22:12 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 20:19 . 2004-08-11 22:12 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 20:19 . 2004-08-11 22:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 20:19 . 2007-07-31 00:18 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 20:19 . 2004-08-11 22:12 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 20:19 . 2004-08-11 22:12 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 20:18 . 2010-12-30 11:15 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 20:18 . 2010-12-30 11:15 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2004-08-11 22:00 599040 ----a-w- c:\windows\system32\crypt32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-23_17.39.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 05:02 . 2009-07-12 05:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2012-08-24 14:10 . 2012-08-24 14:10 16384 c:\windows\Temp\Perflib_Perfdata_63c.dat
+ 2004-08-11 22:00 . 2008-04-14 00:11 640000 c:\windows\system32\dllcache\dbghelp.dll
+ 2012-08-24 13:04 . 2012-08-24 13:04 219648 c:\windows\Installer\1220b7.msi
+ 2012-08-24 12:22 . 2012-08-24 12:22 892928 c:\windows\erdnt\8-24-2012\Users\00000002\UsrClass.dat
+ 2012-08-24 12:22 . 2005-10-20 17:02 163328 c:\windows\erdnt\8-24-2012\ERDNT.EXE
+ 2012-08-24 13:08 . 2012-08-24 13:08 5164032 c:\windows\Installer\1220bf.msi
+ 2012-08-24 13:05 . 2012-08-24 13:05 2208768 c:\windows\Installer\1220bb.msi
+ 2012-08-24 12:22 . 2012-08-24 12:22 6885376 c:\windows\erdnt\8-24-2012\Users\00000001\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\MikeB\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\MikeB\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\MikeB\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\MikeB\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seagull Drivers"="ssdal_nc.exe startup" [X]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-07-08 236016]
"PeachtreePrefetcher.exe"="c:\program files\Sage\Peachtree\PeachtreePrefetcher.exe" [2012-04-13 319816]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"8169Diag"="c:\program files\Realtek\Diagnostics Utility\8169Diag.exe" [2008-02-26 909312]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]
.
c:\documents and settings\MikeB\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\MikeB\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-08-16 13:43 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-08-14 17:28 87456 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Dell Network Assistant.lnk]
backup=c:\windows\pss\Dell Network Assistant.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GA311 Smart Wizard Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\GA311 Smart Wizard Utility.lnk
backup=c:\windows\pss\GA311 Smart Wizard Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^MikeB^Start Menu^Programs^Startup^Desktop Manager.lnk]
backup=c:\windows\pss\Desktop Manager.lnkStartup
backupExtension=Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^MikeB^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\documents and settings\MikeB\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2008-08-13 20:41 29744 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-06-05 18:39 292136 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2008-02-26 15:57 128296 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 01:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Scan Buttons]
2007-10-07 17:08 153424 ----a-w- c:\program files\NewSoft\Presto! PageManager 7.15\Pmsb.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-08-16 13:31 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-15 14:06 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPod Service"=3 (0x3)
"WudfSvc"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=
"c:\\Program Files\\Pervasive Software\\PSQL\\bin\\w3dbsmgr.exe"=
"c:\\Program Files\\Dell Network Assistant\\ezi_hnm2.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\MikeB\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Documents and Settings\\MikeB\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol
"10426:UDP"= 10426:UDP:SingleClick ICC
"6160:TCP"= 6160:TCP:Seagull Driver Networking
"1583:TCP"= 1583:TCP:Pervasive DBEngine
"3351:TCP"= 3351:TCP:Pervasive DBEngine
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [6/5/2012 5:40 PM 133992]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [10/21/2011 12:13 PM 374184]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [8/11/2008 1:41 PM 12856]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [3/31/2011 4:08 PM 80896]
R2 psqlWGE;Pervasive PSQL Workgroup Engine;c:\program files\Pervasive Software\PSQL\bin\w3dbsmgr.exe [6/6/2008 1:03 PM 435496]
S1 MpKsl3ce97850;MpKsl3ce97850;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE785E42-BB16-494C-8C17-99BE3724D38F}\MpKsl3ce97850.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE785E42-BB16-494C-8C17-99BE3724D38F}\MpKsl3ce97850.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/10/2010 6:27 AM 135664]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [6/2/2011 11:08 AM 11336]
S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [8/13/2008 3:35 PM 11264]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/10/2010 6:27 AM 135664]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [9/29/2011 3:04 PM 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [6/22/2010 6:01 PM 21248]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [11/7/2006 9:32 AM 99200]
S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [8/13/2008 3:35 PM 16640]
S3 Sage 50 SmartPosting 2013;Sage 50 SmartPosting 2013;c:\program files\Sage\Peachtree\SmartPostingService2013.exe [4/13/2012 10:12 AM 334152]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 00920602
*NewlyCreated* - 79292994
*NewlyCreated* - TRUESIGHT
*Deregistered* - 00920602
*Deregistered* - 79292994
*Deregistered* - TrueSight
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-10 11:27]
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-10 11:27]
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-593855856-1484460155-3387710267-1005Core.job
- c:\documents and settings\MikeB\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-28 05:53]
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-593855856-1484460155-3387710267-1005UA.job
- c:\documents and settings\MikeB\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-28 05:53]
.
2012-08-24 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 22:03]
.
2012-08-23 c:\windows\Tasks\Sage 50 Backup 1.job
- c:\program files\Sage\Peachtree\PeachtreeBackup.exe [2012-04-13 15:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.att.net/
mSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://pccheckup.dellfix.com/en/?appIndex=dellspct
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\MikeB\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4 10.168.141.190
TCP: Interfaces\{7F84D95D-E2C0-4628-8943-3356FD3F43D4}: NameServer = 192.168.0.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-ROC_roc_ssl_v12 - c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-24 10:43
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3782D402-1413-2B4D-D5B93EB7648B29D4}\{9536055C-1E13-65AB-BABDBD84391B7DD3}\{70487E18-04C4-4686-6F59FE851A688CA9}*]
"W33ZWTG4UJJTAHQAC1VZJEW4ZD1"=hex:01,00,01,00,00,00,00,00,95,3d,0f,4b,3f,ef,ad,
b2,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1112)
c:\windows\system32\Ati2evxx.dll
c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Completion time: 2012-08-24 10:45:58
ComboFix-quarantined-files.txt 2012-08-24 15:45
ComboFix2.txt 2012-08-23 17:45
.
Pre-Run: 161,463,508,992 bytes free
Post-Run: 161,482,907,648 bytes free
.
- - End Of File - - 4BFEC3FD4A76B18133996CF8EE49E4A0

#7
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Hi

Step 1

Update MalwareBytes AntiMalware and run a Quick Scan.
Post the log it produces.

Step 2

ESET Online Scanner


  • Click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


Things I would like to see in your reply:
  • Malwarebytes Results.
  • Eset scanner report.
  • Update on how your computer is running


#8
mikebz5

    Member

  • Topic Starter
  • Member
  • 10 posts
Hi,
ESET is still running but so far has found Win32/BHO.OEI trojan. Should I quarantine or remove this when the scan is complete?

Will post logs for ESET and Malwarebytes when complete.

Thanks,

Mike

#9
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Quarantine

#10
mikebz5

    Member

  • Topic Starter
  • Member
  • 10 posts
Running Malwarebytes now..


ESET log:

C:\Documents and Settings\MikeB\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aagfggdedggedfgedfgcdigddegcdidb\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined

#11
mikebz5

    Member

  • Topic Starter
  • Member
  • 10 posts
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.23.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
MikeB :: MIKE [administrator]

8/27/2012 9:53:41 AM
mbam-log-2012-08-27 (09-53-41).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 348218
Time elapsed: 51 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12
mikebz5

    Member

  • Topic Starter
  • Member
  • 10 posts
Still being redirected...sigh

#13
mikebz5

    Member

  • Topic Starter
  • Member
  • 10 posts
Correction: I hadn't closed Chrome after ESET quarantined. I closed it and then reopened and it appears it's OK now. I will keep checking.

If this ends up working, is there anything else I need to do cleanup-wise?

If this does it I'm sending a very nice donation your way!

#14
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Let me know if you encounter any redirects in the next 24 hours :)

#15
mikebz5

    Member

  • Topic Starter
  • Member
  • 10 posts
I'm fixed!!!!!!

Literally 100s of test searches over the last 24hrs and no redirects!

Thank you sooo much!!

If you can accept PayPal donations, I'll gladly send one to you!

This forum ROCKS!!!!

Any further instructions?