Click On Firefox/Chrome's icon BUT IE Opens - Need Help Urgently


  • This topic is locked

#1
WyffGoaL

  • Member
  • 57 posts

Hi everyone,

I was surfing the Internet and working on my project this morning, and everything worked just fine. Then all of a sudden I was no longer able to open my Firefox and Chrome.

Whenever I try to open my Firefox and Chrome, it will load up IE instead. I have even tried to open Chrome and Firefox directly from their directory using the main .exe files, but they still load IE instead of Chrome and Firefox.

This is really weird, as this is the very first time I have encountered a problem such as this.

I've used Malwarebytes to do a quick scan and got some malware removed; too bad I accidentally cleared the logs and viruses without saving the log files. After the removal of the malware, I'm still not able to open Chrome and Firefox; the problem still remains unchanged.

I think my PC is seriously infected by some unknown malware.

I really do hope any expert here could help me as soon as possible.

Your help will be very much appreciated.


Thank you in advance.

Regards,
Wyatt


OTL Log:

OTL logfile created on: 29/8/2012 11:58:06 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Wyatt\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

5.91 Gb Total Physical Memory | 3.75 Gb Available Physical Memory | 63.49% Memory free
11.82 Gb Paging File | 9.39 Gb Available in Paging File | 79.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 304.53 Gb Total Space | 243.04 Gb Free Space | 79.81% Space Free | Partition Type: NTFS
Drive E: | 146.48 Gb Total Space | 144.52 Gb Free Space | 98.66% Space Free | Partition Type: NTFS

Computer Name: WYATTPC | User Name: Wyatt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/29 11:48:57 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Wyatt\Desktop\OTL.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/08 13:49:08 | 001,079,216 | ---- | M] (Shenzhen QVOD Technology Co.,Ltd) -- C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
PRC - [2012/06/04 10:01:23 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/25 02:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Wyatt\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/07 01:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 23:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 23:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/02 01:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/05/19 15:16:48 | 000,995,392 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/05/19 15:16:36 | 000,921,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/05/13 11:35:27 | 000,054,568 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Dell\VideoStage\VSThumbParser.exe
PRC - [2011/04/23 00:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/22 09:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/11/06 13:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/10/06 11:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 11:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/24 11:25:30 | 000,214,408 | ---- | M] (PPStream Inc) -- C:\PPStream\PPSAP.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/13 21:50:35 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0f59b7aebc4be73d5da020c88c72f33b\PresentationFramework.ni.dll
MOD - [2012/06/13 21:50:23 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\828e99a57411166ccc26d24be089ba44\System.Windows.Forms.ni.dll
MOD - [2012/06/13 21:50:18 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\502adc65e43b9d025cba1fd0bfa964a8\System.Drawing.ni.dll
MOD - [2012/06/13 21:50:15 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a6fc17fd5d463a675fa6c9bb7ed1ab73\PresentationCore.ni.dll
MOD - [2012/05/16 20:44:36 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\7dfba5d1d4bb05f6e4ea95ffa0f359a9\System.Core.ni.dll
MOD - [2012/05/14 10:45:00 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96a5c5331595b2dbc3a891ad1249e519\PresentationFramework.Aero.ni.dll
MOD - [2012/05/14 10:44:05 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\5b10c18a074132f1ae4a86d860cf9615\WindowsBase.ni.dll
MOD - [2012/05/14 10:44:00 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb0e4de1afd3f2efbbf39a5e39f646a\System.Xml.ni.dll
MOD - [2012/05/14 10:43:57 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2a5cbab122112cd4291b684e67460c16\System.Configuration.ni.dll
MOD - [2012/05/14 10:43:56 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9447bd5b21a91081d4275b4c4401b1f9\System.ni.dll
MOD - [2012/05/14 10:43:46 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2ab531f4915cccb998c4e852fb7efd00\mscorlib.ni.dll
MOD - [2011/08/18 23:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/04/23 00:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/23 11:57:48 | 000,502,064 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/05/27 16:36:14 | 000,040,048 | ---- | M] (SparkLabs) [Auto | Running] -- C:\Program Files\WiTopia\WiTopiaService.exe -- (WiTopiaService)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/09/16 08:41:28 | 001,518,352 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/09/16 08:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/09/16 08:24:52 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/09/15 23:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/06/04 02:51:38 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011/03/09 07:00:50 | 000,224,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/25 17:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/11/30 05:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/23 08:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/08/20 23:02:30 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/22 22:11:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/13 19:51:50 | 000,024,576 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe -- (wampapache)
SRV - [2012/04/19 15:45:02 | 009,693,696 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe -- (wampmysqld)
SRV - [2012/04/05 13:08:34 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/18 23:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/05/19 15:16:48 | 000,995,392 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/05/19 15:16:46 | 001,335,360 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/05/19 15:16:36 | 000,921,664 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011/04/23 00:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/22 09:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/11/06 13:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/06 11:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/06 11:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/08/26 10:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/19 03:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/27 16:36:34 | 000,038,368 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\visctap0901.sys -- (visctap0901)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/12/09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/11/15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/18 16:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/09/15 23:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/09/15 23:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/08/02 16:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/07/21 06:21:50 | 000,406,336 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tixhci.sys -- (tixhci)
DRV:64bit: - [2011/07/21 06:21:50 | 000,136,000 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tihub3.sys -- (tihub3)
DRV:64bit: - [2011/06/22 05:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/06/22 05:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/19 15:17:04 | 000,053,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/05/19 15:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011/05/13 16:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/04/23 00:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/04/20 03:07:48 | 001,930,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2011/04/11 03:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 13:29:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/01/25 17:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/21 01:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/11/30 05:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/21 11:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 11:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/07 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/30 08:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/03/19 17:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 08:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/25 10:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2006/11/02 02:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/03/29 16:32:12 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.my/
IE - HKCU\..\SearchScopes,DefaultScope = {1FF7973D-AB0A-496d-82C1-4EADBBA11E7B}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 78.46.186.201:8080

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodInsert: C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@spoon.net/Spoon Plugin 3.33: C:\Program Files (x86)\Spoon\3.33.0.13\npMozillaSpoonPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Wyatt\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Wyatt\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/04 10:01:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/07/09 09:43:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/22 22:11:24 | 000,000,000 | ---D | M]

[2012/07/08 20:07:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wyatt\AppData\Roaming\Mozilla\Extensions
[2012/08/04 16:07:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wyatt\AppData\Roaming\Mozilla\Firefox\Profiles\lhiax2av.default\extensions
[2012/07/17 19:00:36 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Wyatt\AppData\Roaming\Mozilla\Firefox\Profiles\lhiax2av.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2012/07/08 20:07:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/22 22:11:24 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/15 06:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/15 06:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.chromefans.org/
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Orbit Downloader (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\plugins\nporbit.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java™ Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.30.255 (Enabled) = C:\windows\system32\npDeployJava1.dll
CHR - plugin: QvodInsert (Enabled) = C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.3.7_0\
CHR - Extension: YouTube = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: User-Agent Switcher for Chrome = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg\1.0.17_0\
CHR - Extension: Silver Bird = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic\1.9.8.12_0\
CHR - Extension: PageSpeed Insights (by Google) = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli\2.0.1.0_0\
CHR - Extension: [email protected] = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn\4.7.9_0\
CHR - Extension: Eye Dropper = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.2.6_0\
CHR - Extension: Adobe Shadow = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoeapleklopieoejahbpdnhkjjgddem\1.0.295_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Power Editor = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgbefhffiiongohodpopckdcalediegk\1.1_0\
CHR - Extension: Keyword Researcher = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnbgfbemdoolmminolmdjdkaehibphme\1.3.5_0\
CHR - Extension: Session Manager = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc\3.4.3_0\
CHR - Extension: Google Mail Checker = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Ghostery = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.0.0_0\
CHR - Extension: SEO for Chrome = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\
CHR - Extension: Bolt Save and Share = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmipocdiiichlijcngflajilbpkkfhj\7.2_0\
CHR - Extension: Google Global = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojgmigafbpedhdilmemphfklkbghlphi\1.0_0\
CHR - Extension: Gmail = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/01 19:34:53 | 000,000,997 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 p202backup1
O1 - Hosts: 127.0.0.1 secure.tune-up.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120615120604.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120708221926.dll (McAfee, Inc.)
O2 - BHO: (QvodExtend) - {A8502600-B272-4F68-A67B-A0305D46D297} - C:\Program Files (x86)\QvodPlayer\QvodExtend.dll (Shenzhen QVOD Technology Co.,Ltd)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QvodTerminal] C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe (Shenzhen QVOD Technology Co.,Ltd)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [cXaGIRs26G] C:\ProgramData\tPpoMGqKOlVS7\lkLHEhzuYyFh9QtR\6bnrnMQT68p26\fgtOcmiAiFWjDr\hyARX5gJ5Q4ojs7D\yfqhk7WLIwISFCY\CLu5kdOYgh.exe ()
O4 - HKCU..\Run: [PPS Accelerator] C:\PPStream\PPSAP.exe (PPStream Inc)
O4 - Startup: C:\Users\Wyatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Wyatt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Wyatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PPS.lnk = C:\PPStream\PPStream.exe (PPStream Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23CEA19E-5F6E-4926-9576-4A14C5FD2D1D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DEFA122-E95D-462F-9299-AD5B16D1B808}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E013816E-E046-4682-912F-95A931CA0CA5}: DhcpNameServer = 8.8.8.8 10.118.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3A7F187-D150-424B-AC10-752DA5E5DA6B}: DhcpNameServer = 203.82.64.129 203.82.64.145
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/29 11:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/08/29 11:48:47 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Wyatt\Desktop\OTL.exe
[2012/08/29 10:41:16 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\2012_08_29
[2012/08/29 01:48:52 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\GeoIP-111_20120821
[2012/08/29 01:41:57 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\stm-mobile-tracker-v1.0
[2012/08/29 00:56:42 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{E37FF305-0D3D-4AD6-BBAC-F080B3462F69}
[2012/08/28 20:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\WLSetup
[2012/08/28 18:51:19 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\DingFengOnline.com
[2012/08/28 12:43:03 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\assaulter___android_app___at_t_only___us
[2012/08/28 10:15:15 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{6E6A61B7-ED67-4F5D-A4BB-050BB12BF8F2}
[2012/08/27 20:56:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\tPpoMGqKOlVS7
[2012/08/27 20:53:00 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{068D4653-AA93-462E-A88A-2FA4E8CB38FA}
[2012/08/27 13:07:46 | 028,206,113 | ---- | C] (Nrsft) -- C:\ProgramData\39G9JuXb.exe
[2012/08/27 10:17:28 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{3E426EB7-DA06-46C0-ACA6-288515C88210}
[2012/08/25 15:23:04 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{2EC0C6D7-1030-46D5-8185-698F6D991424}
[2012/08/24 22:01:17 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{75659C52-77FA-452C-AED5-30EB4C60A5D9}
[2012/08/24 10:21:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/08/24 10:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012/08/24 10:00:34 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{59AE2A81-17B9-400F-B27C-9E553CFB51F6}
[2012/08/23 10:01:44 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{E506D366-44D3-4B57-AF0A-B35B4F76C425}
[2012/08/22 20:42:54 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{F14E26B8-8ADF-4ED1-BA58-2500EEA5759F}
[2012/08/22 10:11:48 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{31700CF1-9944-4574-99C0-918E2106651A}
[2012/08/21 14:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPStream
[2012/08/20 21:52:31 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{6729ABF3-5BA8-44C3-B62A-FC4ED010F6F2}
[2012/08/13 09:57:32 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{57C438A8-546E-4EB0-A5E3-2592B94105F9}
[2012/08/13 09:57:11 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{68BD906A-E5F5-4EF1-8146-F486819A20B6}
[2012/08/12 15:18:37 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{4B3A59F8-D53B-46EE-A3CE-203B1A06B051}
[2012/08/12 15:18:25 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{1E0B16BC-D5D3-4E74-90FA-0D41E806927E}
[2012/08/11 21:38:56 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{7A59877F-0C00-4919-BF8D-1FADF7A93512}
[2012/08/11 21:38:43 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{10442D2B-910E-4BE8-9BAB-D847B1174D27}
[2012/08/11 18:22:34 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{F2AC72C0-094F-47D8-95A8-5AD7BB7922D2}
[2012/08/10 20:28:46 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{14E3FDAA-E7E8-47E5-846E-C20DED3F5437}
[2012/08/10 20:28:20 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{B8C23830-99D6-417B-A5BF-C5A532264467}
[2012/08/10 00:05:38 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{41BE42AC-B3CA-44CD-83E2-44D643B94753}
[2012/08/10 00:04:59 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{F8B6EA29-56A0-47CE-B622-A5F801C1B50A}
[2012/08/09 10:05:06 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{CB42FCB7-DCC7-495B-BC71-CE700ABB4FD3}
[2012/08/09 10:04:41 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{33CE7BAA-21B0-443A-90DA-2D88B6EE69D1}
[2012/08/08 22:04:01 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{46944525-46C5-4D83-822C-04D2B774CA5A}
[2012/08/08 22:03:38 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{A951F826-FEAE-49EF-8BC6-F786334D42BC}
[2012/08/08 10:01:24 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{E24C71D0-A26D-41EA-BEF8-AD44387734AC}
[2012/08/08 10:00:00 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{2008F4C5-A3B8-4266-B7E4-4C7A9A7CAF8D}
[2012/08/07 11:28:26 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Documents\Ding Feng Online Sdn. Bhd. Expenses
[2012/08/07 10:04:12 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{86D812CA-4BCF-494A-AC1F-54AC66C08F56}
[2012/08/07 10:03:57 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{B5B75F53-936B-406B-848E-7A28BB3FE33F}
[2012/08/06 19:45:10 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/08/06 09:55:53 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{1B41E7E8-E78B-415C-88F6-B2EFD8ECECEC}
[2012/08/06 09:55:32 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{C7037975-82CC-4666-8F51-9B1CCEAD4958}
[2012/08/05 19:32:21 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{53697573-42BF-4508-9532-AAAD00FD2780}
[2012/08/05 19:32:08 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{5423C077-9459-499C-A04D-0B56D3F80D0F}
[2012/08/05 01:01:12 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{D39B384D-D044-4E86-AE7A-3DF9263A317B}
[2012/08/05 01:00:58 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{A81C6659-579D-44DF-93FB-D8C561BDE51D}
[2012/08/03 22:35:14 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{1D526AE9-6AE0-447A-9A4D-56B2BA1DA209}
[2012/08/03 22:34:34 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{3CB31B0C-9EAF-46B8-A742-D8BE4D8BEE4E}
[2012/08/03 14:37:06 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\Mobile Campaigns
[2012/08/03 09:56:51 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{B2FD9365-2FD1-4789-B6C4-40B1F10DCC2F}
[2012/08/03 09:56:13 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{99011B57-85B0-487F-961E-66DC20DE2B29}
[2012/08/02 23:26:38 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\WAP - Sweepstakes - English
[2012/08/02 21:52:47 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{77596EE1-A471-4D14-9FD7-9455632151B0}
[2012/08/02 21:52:31 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{18D44C6E-FF44-4992-9B11-6A81BDC87F8D}
[2012/08/02 09:51:59 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{55E0A88A-744F-4614-B3ED-A18F0B192706}
[2012/08/02 09:51:22 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{1C45EA2E-1732-4D4E-B36A-A475B9025980}
[2012/08/01 18:59:44 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{587829B2-DB8D-444A-8855-4FFC79B7ACF5}
[2012/08/01 18:59:26 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{8DDDB56F-E4CC-4893-8E9B-A6C78B002DDE}
[2012/07/31 22:28:37 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{C0869E73-AA1E-409D-A754-E0DF99A26E72}
[2012/07/31 22:28:24 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{23DF5E08-9E66-42D1-BBF3-6B064A2C52B6}
[2012/07/31 10:26:59 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{A09AAD2F-BFA9-43B0-977D-A880A801289A}
[2012/07/31 10:26:10 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{BB40EBD5-2EAF-4754-9B4F-5B1F25F717B2}
[2012/07/30 16:21:33 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{02A8F06A-03AD-4E2D-9694-2F3EE006E9D8}
[2012/07/30 16:21:07 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{9EE2AA0B-A40A-4263-B181-F2087B380D7B}
[2012/07/30 15:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Shadow
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/29 12:02:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/29 12:01:56 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 12:01:56 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 11:57:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1415409250-421658165-2567368482-1001UA.job
[2012/08/29 11:52:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/29 11:52:29 | 464,711,679 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/29 11:48:57 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Wyatt\Desktop\OTL.exe
[2012/08/29 10:36:19 | 000,000,000 | ---- | M] () -- C:\windows\tasks\wdc.dll
[2012/08/29 10:36:01 | 029,949,449 | ---- | M] () -- C:\ProgramData\CmU4kIPXlQ6g.cpl
[2012/08/29 10:32:26 | 000,193,953 | ---- | M] () -- C:\Users\Wyatt\Desktop\Surge Portal IO 140118 (2012-08-24).pdf
[2012/08/29 01:58:45 | 000,040,549 | ---- | M] () -- C:\Users\Wyatt\Desktop\Server Usage.jpg
[2012/08/29 01:48:56 | 085,337,936 | ---- | M] () -- C:\Users\Wyatt\Desktop\GeoIP-113_20120807.zip
[2012/08/29 01:48:11 | 063,100,819 | ---- | M] () -- C:\Users\Wyatt\Desktop\GeoIP-111_20120821.tar.gz
[2012/08/29 01:34:57 | 002,621,072 | ---- | M] () -- C:\Users\Wyatt\Desktop\stm-mobile-tracker-v1.0.zip
[2012/08/29 01:24:04 | 000,034,533 | ---- | M] () -- C:\Users\Wyatt\Desktop\namecheap-order7026225.pdf
[2012/08/28 22:40:33 | 000,018,216 | ---- | M] () -- C:\Users\Wyatt\Desktop\28 August.pdf
[2012/08/28 20:46:04 | 028,055,177 | ---- | M] () -- C:\ProgramData\OWoE1QVAj.cpl
[2012/08/28 17:59:25 | 000,012,297 | ---- | M] () -- C:\Users\Wyatt\Desktop\Invoice-71233.pdf
[2012/08/28 15:08:55 | 000,783,940 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/28 15:08:55 | 000,655,542 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/28 15:08:55 | 000,122,156 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/08/27 20:56:23 | 000,000,216 | ---- | M] () -- C:\ProgramData\e264e8fd60264f390a09782012019fad12372fe4
[2012/08/27 19:10:26 | 000,001,456 | ---- | M] () -- C:\Users\Wyatt\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/08/27 13:08:08 | 000,403,456 | ---- | M] () -- C:\ProgramData\6xCC8Jcn.exe
[2012/08/27 13:07:57 | 028,206,113 | ---- | M] (Nrsft) -- C:\ProgramData\39G9JuXb.exe
[2012/08/26 19:57:03 | 000,000,856 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1415409250-421658165-2567368482-1001Core.job
[2012/08/24 11:38:58 | 000,001,034 | ---- | M] () -- C:\Users\Wyatt\Desktop\AIM.lnk
[2012/08/22 10:59:36 | 000,002,413 | ---- | M] () -- C:\Users\Wyatt\Desktop\Google Chrome.lnk
[2012/08/21 15:32:00 | 004,969,960 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/21 14:59:09 | 000,000,706 | ---- | M] () -- C:\Users\Wyatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PPS.lnk
[2012/08/21 14:59:07 | 000,000,678 | ---- | M] () -- C:\Users\Wyatt\Application Data\Microsoft\Internet Explorer\Quick Launch\PPS影音.lnk
[2012/08/21 14:59:07 | 000,000,654 | ---- | M] () -- C:\Users\Public\Desktop\PPS影音.lnk
[2012/08/02 15:12:16 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/01 19:16:24 | 000,284,291 | ---- | M] () -- C:\Users\Wyatt\Desktop\DF Online.jpg
[2012/07/30 16:23:49 | 000,000,955 | ---- | M] () -- C:\Users\Wyatt\Desktop\Adobe Shadow.lnk
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/29 10:36:19 | 000,000,000 | ---- | C] () -- C:\windows\tasks\wdc.dll
[2012/08/29 10:36:00 | 029,949,449 | ---- | C] () -- C:\ProgramData\CmU4kIPXlQ6g.cpl
[2012/08/29 10:32:26 | 000,193,953 | ---- | C] () -- C:\Users\Wyatt\Desktop\Surge Portal IO 140118 (2012-08-24).pdf
[2012/08/29 01:58:45 | 000,040,549 | ---- | C] () -- C:\Users\Wyatt\Desktop\Server Usage.jpg
[2012/08/29 01:44:40 | 085,337,936 | ---- | C] () -- C:\Users\Wyatt\Desktop\GeoIP-113_20120807.zip
[2012/08/29 01:44:28 | 063,100,819 | ---- | C] () -- C:\Users\Wyatt\Desktop\GeoIP-111_20120821.tar.gz
[2012/08/29 01:34:48 | 002,621,072 | ---- | C] () -- C:\Users\Wyatt\Desktop\stm-mobile-tracker-v1.0.zip
[2012/08/29 01:24:03 | 000,034,533 | ---- | C] () -- C:\Users\Wyatt\Desktop\namecheap-order7026225.pdf
[2012/08/28 22:40:32 | 000,018,216 | ---- | C] () -- C:\Users\Wyatt\Desktop\28 August.pdf
[2012/08/28 20:46:04 | 028,055,177 | ---- | C] () -- C:\ProgramData\OWoE1QVAj.cpl
[2012/08/28 17:59:25 | 000,012,297 | ---- | C] () -- C:\Users\Wyatt\Desktop\Invoice-71233.pdf
[2012/08/27 13:08:36 | 000,000,216 | ---- | C] () -- C:\ProgramData\e264e8fd60264f390a09782012019fad12372fe4
[2012/08/27 13:08:04 | 000,403,456 | ---- | C] () -- C:\ProgramData\6xCC8Jcn.exe
[2012/08/21 14:59:10 | 000,000,666 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPS 影音.lnk
[2012/08/21 14:59:09 | 000,000,706 | ---- | C] () -- C:\Users\Wyatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PPS.lnk
[2012/08/21 14:59:07 | 000,000,678 | ---- | C] () -- C:\Users\Wyatt\Application Data\Microsoft\Internet Explorer\Quick Launch\PPS影音.lnk
[2012/08/21 14:59:07 | 000,000,654 | ---- | C] () -- C:\Users\Public\Desktop\PPS影音.lnk
[2012/08/01 19:16:23 | 000,284,291 | ---- | C] () -- C:\Users\Wyatt\Desktop\DF Online.jpg
[2012/07/30 16:23:49 | 000,000,955 | ---- | C] () -- C:\Users\Wyatt\Desktop\Adobe Shadow.lnk
[2012/06/26 22:43:57 | 000,187,432 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2012/06/06 12:15:56 | 000,000,248 | ---- | C] () -- C:\windows\Brpfx04a.ini
[2012/06/06 12:15:56 | 000,000,094 | ---- | C] () -- C:\windows\brpcfx.ini
[2012/06/06 12:15:32 | 000,003,303 | ---- | C] () -- C:\windows\BRPARAM.INI
[2012/06/06 12:13:45 | 000,045,056 | ---- | C] () -- C:\windows\SysWow64\BRTCPCON.DLL
[2012/06/06 12:13:41 | 000,000,114 | ---- | C] () -- C:\windows\SysWow64\BRLMW03A.INI
[2012/05/04 17:39:10 | 000,001,456 | ---- | C] () -- C:\Users\Wyatt\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/04/18 21:41:28 | 000,645,632 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2012/04/18 21:41:28 | 000,240,640 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2012/02/01 13:52:34 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012/02/01 13:52:34 | 000,218,304 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012/02/01 13:52:34 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012/02/01 13:52:33 | 013,356,032 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012/02/01 13:52:33 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2012/02/01 12:28:00 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2012/02/01 12:23:20 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/11/17 04:49:04 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2011/11/17 04:49:01 | 000,000,325 | ---- | C] () -- C:\windows\Prelaunch.ini
[2011/11/17 04:49:01 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2011/11/17 04:49:01 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2011/11/17 04:49:01 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2011/11/17 04:49:01 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2011/11/17 04:49:01 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2011/11/17 04:49:01 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2011/11/17 03:25:01 | 000,778,156 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/06/06 12:04:23 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Canon
[2012/07/05 17:25:34 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/07/11 03:09:07 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\com.springbox.mobilizer
[2012/06/02 16:56:22 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\DiskAid
[2012/08/29 11:55:02 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Dropbox
[2012/07/19 13:20:26 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\FileZilla
[2012/04/18 20:36:18 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Fingertapps
[2012/06/27 14:43:54 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\IDT
[2012/06/26 22:41:25 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2012/04/24 19:14:46 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Notepad++
[2012/06/21 21:39:52 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Orbit
[2012/04/18 21:05:10 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\PCDr
[2012/08/29 11:54:00 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\PPStream
[2012/04/18 21:27:54 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\ProgSense
[2012/05/11 18:05:23 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\SoftGrid Client
[2012/07/16 17:40:59 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/04/18 21:14:00 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\TP
[2012/08/07 18:09:29 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\TuneUp Software
[2012/07/14 02:05:59 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\WiTopia
[2012/08/09 10:01:39 | 000,032,598 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012/08/29 10:36:19 | 000,000,000 | ---- | M] () -- C:\windows\Tasks\wdc.dll

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/07/18 22:50:29 | 000,000,040 | ---- | M] ()(C:\windows\SysNative\@?) -- C:\windows\SysNative\@
[2012/07/18 22:50:29 | 000,000,040 | ---- | C] ()(C:\windows\SysNative\@?) -- C:\windows\SysNative\@

< End of report >

Edited by WyffGoaL, 28 August 2012 - 10:30 PM.



#2
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello Wyatt and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean.
  • Kindly follow my instructions in the order posted. Order is crucial in the cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 78.46.186.201:8080
    O4 - HKCU..\Run: [cXaGIRs26G] C:\ProgramData\tPpoMGqKOlVS7\lkLHEhzuYyFh9QtR\6bnrnMQT68p26\fgtOcmiAiFWjDr\hyARX5gJ5Q4ojs7D\yfqhk7WLIwISFCY\CLu5kdOYgh.exe ()
    [2012/08/29 00:56:42 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{E37FF305-0D3D-4AD6-BBAC-F080B3462F69}
    [2012/08/28 10:15:15 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{6E6A61B7-ED67-4F5D-A4BB-050BB12BF8F2}
    [2012/08/27 20:56:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\tPpoMGqKOlVS7
    [2012/08/27 20:53:00 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{068D4653-AA93-462E-A88A-2FA4E8CB38FA}
    [2012/08/27 13:07:46 | 028,206,113 | ---- | C] (Nrsft) -- C:\ProgramData\39G9JuXb.exe
    [2012/08/27 10:17:28 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{3E426EB7-DA06-46C0-ACA6-288515C88210}
    [2012/08/25 15:23:04 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{2EC0C6D7-1030-46D5-8185-698F6D991424}
    [2012/08/24 22:01:17 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{75659C52-77FA-452C-AED5-30EB4C60A5D9}
    [2012/08/24 10:00:34 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{59AE2A81-17B9-400F-B27C-9E553CFB51F6}
    [2012/08/23 10:01:44 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{E506D366-44D3-4B57-AF0A-B35B4F76C425}
    [2012/08/22 20:42:54 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{F14E26B8-8ADF-4ED1-BA58-2500EEA5759F}
    [2012/08/22 10:11:48 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{31700CF1-9944-4574-99C0-918E2106651A}
    [2012/08/20 21:52:31 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{6729ABF3-5BA8-44C3-B62A-FC4ED010F6F2}
    [2012/08/13 09:57:32 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{57C438A8-546E-4EB0-A5E3-2592B94105F9}
    [2012/08/13 09:57:11 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{68BD906A-E5F5-4EF1-8146-F486819A20B6}
    [2012/08/12 15:18:37 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{4B3A59F8-D53B-46EE-A3CE-203B1A06B051}
    [2012/08/12 15:18:25 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{1E0B16BC-D5D3-4E74-90FA-0D41E806927E}
    [2012/08/11 21:38:56 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{7A59877F-0C00-4919-BF8D-1FADF7A93512}
    [2012/08/11 21:38:43 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{10442D2B-910E-4BE8-9BAB-D847B1174D27}
    [2012/08/11 18:22:34 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{F2AC72C0-094F-47D8-95A8-5AD7BB7922D2}
    [2012/08/10 20:28:46 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{14E3FDAA-E7E8-47E5-846E-C20DED3F5437}
    [2012/08/10 20:28:20 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{B8C23830-99D6-417B-A5BF-C5A532264467}
    [2012/08/10 00:05:38 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{41BE42AC-B3CA-44CD-83E2-44D643B94753}
    [2012/08/10 00:04:59 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{F8B6EA29-56A0-47CE-B622-A5F801C1B50A}
    [2012/08/09 10:05:06 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{CB42FCB7-DCC7-495B-BC71-CE700ABB4FD3}
    [2012/08/09 10:04:41 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{33CE7BAA-21B0-443A-90DA-2D88B6EE69D1}
    [2012/08/08 22:04:01 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{46944525-46C5-4D83-822C-04D2B774CA5A}
    [2012/08/08 22:03:38 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{A951F826-FEAE-49EF-8BC6-F786334D42BC}
    [2012/08/08 10:01:24 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{E24C71D0-A26D-41EA-BEF8-AD44387734AC}
    [2012/08/08 10:00:00 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{2008F4C5-A3B8-4266-B7E4-4C7A9A7CAF8D}
    [2012/08/07 10:04:12 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{86D812CA-4BCF-494A-AC1F-54AC66C08F56}
    [2012/08/07 10:03:57 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{B5B75F53-936B-406B-848E-7A28BB3FE33F}
    [2012/08/06 09:55:53 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{1B41E7E8-E78B-415C-88F6-B2EFD8ECECEC}
    [2012/08/06 09:55:32 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{C7037975-82CC-4666-8F51-9B1CCEAD4958}
    [2012/08/05 19:32:21 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{53697573-42BF-4508-9532-AAAD00FD2780}
    [2012/08/05 19:32:08 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{5423C077-9459-499C-A04D-0B56D3F80D0F}
    [2012/08/05 01:01:12 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{D39B384D-D044-4E86-AE7A-3DF9263A317B}
    [2012/08/05 01:00:58 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{A81C6659-579D-44DF-93FB-D8C561BDE51D}
    [2012/08/03 22:35:14 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{1D526AE9-6AE0-447A-9A4D-56B2BA1DA209}
    [2012/08/03 22:34:34 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{3CB31B0C-9EAF-46B8-A742-D8BE4D8BEE4E}
    [2012/08/03 09:56:51 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{B2FD9365-2FD1-4789-B6C4-40B1F10DCC2F}
    [2012/08/03 09:56:13 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{99011B57-85B0-487F-961E-66DC20DE2B29}
    [2012/08/02 21:52:47 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{77596EE1-A471-4D14-9FD7-9455632151B0}
    [2012/08/02 21:52:31 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{18D44C6E-FF44-4992-9B11-6A81BDC87F8D}
    [2012/08/02 09:51:59 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{55E0A88A-744F-4614-B3ED-A18F0B192706}
    [2012/08/02 09:51:22 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{1C45EA2E-1732-4D4E-B36A-A475B9025980}
    [2012/08/01 18:59:44 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{587829B2-DB8D-444A-8855-4FFC79B7ACF5}
    [2012/08/01 18:59:26 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{8DDDB56F-E4CC-4893-8E9B-A6C78B002DDE}
    [2012/07/31 22:28:37 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{C0869E73-AA1E-409D-A754-E0DF99A26E72}
    [2012/07/31 22:28:24 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{23DF5E08-9E66-42D1-BBF3-6B064A2C52B6}
    [2012/07/31 10:26:59 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{A09AAD2F-BFA9-43B0-977D-A880A801289A}
    [2012/07/31 10:26:10 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{BB40EBD5-2EAF-4754-9B4F-5B1F25F717B2}
    [2012/07/30 16:21:33 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{02A8F06A-03AD-4E2D-9694-2F3EE006E9D8}
    [2012/07/30 16:21:07 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\AppData\Local\{9EE2AA0B-A40A-4263-B181-F2087B380D7B}
    [2012/08/29 10:36:19 | 000,000,000 | ---- | M] () -- C:\windows\tasks\wdc.dll
    [2012/08/29 10:36:01 | 029,949,449 | ---- | M] () -- C:\ProgramData\CmU4kIPXlQ6g.cpl
    [2012/08/28 20:46:04 | 028,055,177 | ---- | M] () -- C:\ProgramData\OWoE1QVAj.cpl
    [2012/08/27 20:56:23 | 000,000,216 | ---- | M] () -- C:\ProgramData\e264e8fd60264f390a09782012019fad12372fe4
    [2012/08/27 13:08:08 | 000,403,456 | ---- | M] () -- C:\ProgramData\6xCC8Jcn.exe
    [2012/08/27 13:07:57 | 028,206,113 | ---- | M] (Nrsft) -- C:\ProgramData\39G9JuXb.exe
    [2012/08/27 13:08:36 | 000,000,216 | ---- | C] () -- C:\ProgramData\e264e8fd60264f390a09782012019fad12372fe4
    [2012/08/27 13:08:04 | 000,403,456 | ---- | C] () -- C:\ProgramData\6xCC8Jcn.exe

    :Files
    C:\ProgramData\e264e8fd60264f390a09782012019fad12372fe4
    C:\ProgramData\tPpoMGqKOlVS7

    :Commands
    [purity]
    [resethosts]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Please update your Malwarebytes and do a Quick Scan. Remove all findings and post the log here for me.

Step 3

Please don't forget to include these items in your reply:

  • OTL fix log
  • Malwarebytes log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#3
WyffGoaL

    Member

  • Topic Starter
  • 57 posts
Hi maliprog,

Thank you so much for assisting me.

I have already done exactly what you instructed, and the log files are as below:


OTL fix log:

========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cXaGIRs26G deleted successfully.
C:\ProgramData\tPpoMGqKOlVS7\lkLHEhzuYyFh9QtR\6bnrnMQT68p26\fgtOcmiAiFWjDr\hyARX5gJ5Q4ojs7D\yfqhk7WLIwISFCY\CLu5kdOYgh.exe moved successfully.
C:\Users\Wyatt\AppData\Local\{E37FF305-0D3D-4AD6-BBAC-F080B3462F69} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{6E6A61B7-ED67-4F5D-A4BB-050BB12BF8F2} folder moved successfully.
C:\ProgramData\tPpoMGqKOlVS7\lkLHEhzuYyFh9QtR\6bnrnMQT68p26\fgtOcmiAiFWjDr\hyARX5gJ5Q4ojs7D\yfqhk7WLIwISFCY folder moved successfully.
C:\ProgramData\tPpoMGqKOlVS7\lkLHEhzuYyFh9QtR\6bnrnMQT68p26\fgtOcmiAiFWjDr\hyARX5gJ5Q4ojs7D folder moved successfully.
C:\ProgramData\tPpoMGqKOlVS7\lkLHEhzuYyFh9QtR\6bnrnMQT68p26\fgtOcmiAiFWjDr folder moved successfully.
C:\ProgramData\tPpoMGqKOlVS7\lkLHEhzuYyFh9QtR\6bnrnMQT68p26 folder moved successfully.
C:\ProgramData\tPpoMGqKOlVS7\lkLHEhzuYyFh9QtR folder moved successfully.
C:\ProgramData\tPpoMGqKOlVS7 folder moved successfully.
C:\Users\Wyatt\AppData\Local\{068D4653-AA93-462E-A88A-2FA4E8CB38FA} folder moved successfully.
C:\ProgramData\39G9JuXb.exe moved successfully.
C:\Users\Wyatt\AppData\Local\{3E426EB7-DA06-46C0-ACA6-288515C88210} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{2EC0C6D7-1030-46D5-8185-698F6D991424} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{75659C52-77FA-452C-AED5-30EB4C60A5D9} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{59AE2A81-17B9-400F-B27C-9E553CFB51F6} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{E506D366-44D3-4B57-AF0A-B35B4F76C425} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{F14E26B8-8ADF-4ED1-BA58-2500EEA5759F} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{31700CF1-9944-4574-99C0-918E2106651A} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{6729ABF3-5BA8-44C3-B62A-FC4ED010F6F2} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{57C438A8-546E-4EB0-A5E3-2592B94105F9} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{68BD906A-E5F5-4EF1-8146-F486819A20B6} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{4B3A59F8-D53B-46EE-A3CE-203B1A06B051} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{1E0B16BC-D5D3-4E74-90FA-0D41E806927E} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{7A59877F-0C00-4919-BF8D-1FADF7A93512} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{10442D2B-910E-4BE8-9BAB-D847B1174D27} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{F2AC72C0-094F-47D8-95A8-5AD7BB7922D2} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{14E3FDAA-E7E8-47E5-846E-C20DED3F5437} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{B8C23830-99D6-417B-A5BF-C5A532264467} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{41BE42AC-B3CA-44CD-83E2-44D643B94753} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{F8B6EA29-56A0-47CE-B622-A5F801C1B50A} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{CB42FCB7-DCC7-495B-BC71-CE700ABB4FD3} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{33CE7BAA-21B0-443A-90DA-2D88B6EE69D1} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{46944525-46C5-4D83-822C-04D2B774CA5A} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{A951F826-FEAE-49EF-8BC6-F786334D42BC} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{E24C71D0-A26D-41EA-BEF8-AD44387734AC} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{2008F4C5-A3B8-4266-B7E4-4C7A9A7CAF8D} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{86D812CA-4BCF-494A-AC1F-54AC66C08F56} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{B5B75F53-936B-406B-848E-7A28BB3FE33F} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{1B41E7E8-E78B-415C-88F6-B2EFD8ECECEC} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{C7037975-82CC-4666-8F51-9B1CCEAD4958} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{53697573-42BF-4508-9532-AAAD00FD2780} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{5423C077-9459-499C-A04D-0B56D3F80D0F} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{D39B384D-D044-4E86-AE7A-3DF9263A317B} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{A81C6659-579D-44DF-93FB-D8C561BDE51D} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{1D526AE9-6AE0-447A-9A4D-56B2BA1DA209} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{3CB31B0C-9EAF-46B8-A742-D8BE4D8BEE4E} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{B2FD9365-2FD1-4789-B6C4-40B1F10DCC2F} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{99011B57-85B0-487F-961E-66DC20DE2B29} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{77596EE1-A471-4D14-9FD7-9455632151B0} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{18D44C6E-FF44-4992-9B11-6A81BDC87F8D} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{55E0A88A-744F-4614-B3ED-A18F0B192706} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{1C45EA2E-1732-4D4E-B36A-A475B9025980} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{587829B2-DB8D-444A-8855-4FFC79B7ACF5} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{8DDDB56F-E4CC-4893-8E9B-A6C78B002DDE} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{C0869E73-AA1E-409D-A754-E0DF99A26E72} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{23DF5E08-9E66-42D1-BBF3-6B064A2C52B6} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{A09AAD2F-BFA9-43B0-977D-A880A801289A} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{BB40EBD5-2EAF-4754-9B4F-5B1F25F717B2} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{02A8F06A-03AD-4E2D-9694-2F3EE006E9D8} folder moved successfully.
C:\Users\Wyatt\AppData\Local\{9EE2AA0B-A40A-4263-B181-F2087B380D7B} folder moved successfully.
C:\WINDOWS\Tasks\wdc.dll moved successfully.
C:\ProgramData\CmU4kIPXlQ6g.cpl moved successfully.
C:\ProgramData\OWoE1QVAj.cpl moved successfully.
C:\ProgramData\e264e8fd60264f390a09782012019fad12372fe4 moved successfully.
C:\ProgramData\6xCC8Jcn.exe moved successfully.
File C:\ProgramData\39G9JuXb.exe not found.
File C:\ProgramData\e264e8fd60264f390a09782012019fad12372fe4 not found.
File C:\ProgramData\6xCC8Jcn.exe not found.
========== FILES ==========
File\Folder C:\ProgramData\e264e8fd60264f390a09782012019fad12372fe4 not found.
File\Folder C:\ProgramData\tPpoMGqKOlVS7 not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.59.1 log created on 08292012_135419




Malwarebytes log:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.29.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Wyatt :: WYATTPC [administrator]

29/8/2012 2:00:26 PM
mbam-log-2012-08-29 (14-00-26).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215125
Time elapsed: 7 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



I'm looking forward to your further help.

Once again, thank you so much for helping me out.

Cheers,
Wyatt
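The fix log in post #3 ends with several "not found" lines for paths that the same log reports as moved a few lines earlier, because the fix script in post #2 listed those paths more than once. The following added example (not part of the thread and not OTL's own code; the function names are hypothetical) parses a fix log in the format shown above and separates those expected duplicates from "not found" entries that were never moved during the run. The sample log is constructed from lines in the thread plus two made-up paths.

```python
import re

# Constructed sample: lines copied from the fix log in the thread, plus two
# made-up paths (named "constructed-...") to exercise the edge cases.
SAMPLE_LOG = r"""
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cXaGIRs26G deleted successfully.
C:\ProgramData\tPpoMGqKOlVS7 folder moved successfully.
C:\ProgramData\39G9JuXb.exe moved successfully.
C:\WINDOWS\Tasks\wdc.dll moved successfully.
C:\ProgramData\6xCC8Jcn.exe moved successfully.
File C:\ProgramData\39G9JuXb.exe not found.
File C:\ProgramData\6xCC8Jcn.exe not found.
File C:\PROGRAMDATA\tPpoMGqKOlVS7\constructed-child.exe not found.
File C:\ProgramData\constructed-never-seen.exe not found.
========== FILES ==========
File\Folder C:\ProgramData\tPpoMGqKOlVS7 not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

SECTION = re.compile(r"^=+ (?P<name>.+?) =+$")
# Line shapes taken from the fix log posted in the thread.
PATTERNS = [
    ("reg_set", re.compile(r"^(?P<target>HK\w+\\.+?) /E : value set successfully!$")),
    ("reg_deleted", re.compile(r"^Registry value (?P<target>HK\w+\\.+?) deleted successfully\.$")),
    ("not_found", re.compile(r"^File(?:\\Folder)? (?P<target>[A-Za-z]:\\.+?) not found\.$")),
    ("moved", re.compile(r"^(?P<target>[A-Za-z]:\\.+?)(?: folder)? moved successfully\.$")),
]


def parse_fix_log(text):
    """Return (section, kind, target) tuples in the order they appear."""
    events, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group("name")
            continue
        for kind, pattern in PATTERNS:
            m = pattern.match(line)
            if m:
                events.append((section, kind, m.group("target")))
                break
        else:
            events.append((section, "other", line))
    return events


def norm(path):
    """Windows paths are case-insensitive; compare them lower-cased."""
    return path.rstrip("\\").lower()


def covered(path, moved):
    """True if the path, or any parent folder of it, is in the moved set."""
    p = norm(path)
    while True:
        if p in moved:
            return True
        head, sep, _ = p.rpartition("\\")
        if not sep:
            return False
        p = head


def reconcile(events):
    """Split 'not found' lines into already-moved duplicates and unresolved ones."""
    moved = set()
    report = {"moved": [], "already_moved": [], "unresolved": [],
              "registry": [], "other": []}
    for _section, kind, target in events:
        if kind == "moved":
            moved.add(norm(target))
            report["moved"].append(target)
        elif kind == "not_found":
            # Only moves logged *before* this line can explain it.
            bucket = "already_moved" if covered(target, moved) else "unresolved"
            report[bucket].append(target)
        elif kind in ("reg_set", "reg_deleted"):
            report["registry"].append((kind, target))
        else:
            report["other"].append(target)
    return report


if __name__ == "__main__":
    result = reconcile(parse_fix_log(SAMPLE_LOG))
    for bucket in ("moved", "already_moved", "unresolved"):
        print(f"{bucket}: {len(result[bucket])}")
        for item in result[bucket]:
            print("   ", item)
```

Entries in the `unresolved` bucket are the ones worth a second look, since nothing in the run accounts for the missing path.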

#4
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
How is your system now? Can you open Firefox and Chrome now?

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a Notepad window, OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.


#5
WyffGoaL

    Member

  • Topic Starter
  • 57 posts
Hi maliprog,

Thanks once again for the prompt reply.

I'm still not able to open Chrome/Firefox. When I click on Chrome/Firefox's icon, it always opens IE instead of the actual browser, which is super weird.

I'm going to do the OTL scan now.

Thanks.

#6
WyffGoaL

    Member

  • Topic Starter
  • 57 posts
OTL Log:

OTL logfile created on: 29/8/2012 3:21:06 PM - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Wyatt\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

5.91 Gb Total Physical Memory | 4.58 Gb Available Physical Memory | 77.42% Memory free
11.82 Gb Paging File | 9.72 Gb Available in Paging File | 82.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 304.53 Gb Total Space | 242.74 Gb Free Space | 79.71% Space Free | Partition Type: NTFS
Drive E: | 146.48 Gb Total Space | 144.52 Gb Free Space | 98.66% Space Free | Partition Type: NTFS

Computer Name: WYATTPC | User Name: Wyatt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/29 11:48:57 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Wyatt\Desktop\OTL.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/04 10:01:23 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/07 01:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 23:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 23:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/02 01:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/05/19 15:16:48 | 000,995,392 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/05/19 15:16:36 | 000,921,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/04/23 00:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/22 09:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/11/06 13:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/10/06 11:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 11:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/13 21:50:35 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0f59b7aebc4be73d5da020c88c72f33b\PresentationFramework.ni.dll
MOD - [2012/06/13 21:50:23 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\828e99a57411166ccc26d24be089ba44\System.Windows.Forms.ni.dll
MOD - [2012/06/13 21:50:18 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\502adc65e43b9d025cba1fd0bfa964a8\System.Drawing.ni.dll
MOD - [2012/06/13 21:50:15 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a6fc17fd5d463a675fa6c9bb7ed1ab73\PresentationCore.ni.dll
MOD - [2012/05/16 20:44:36 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\7dfba5d1d4bb05f6e4ea95ffa0f359a9\System.Core.ni.dll
MOD - [2012/05/14 10:45:00 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96a5c5331595b2dbc3a891ad1249e519\PresentationFramework.Aero.ni.dll
MOD - [2012/05/14 10:44:05 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\5b10c18a074132f1ae4a86d860cf9615\WindowsBase.ni.dll
MOD - [2012/05/14 10:44:00 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb0e4de1afd3f2efbbf39a5e39f646a\System.Xml.ni.dll
MOD - [2012/05/14 10:43:57 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2a5cbab122112cd4291b684e67460c16\System.Configuration.ni.dll
MOD - [2012/05/14 10:43:56 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9447bd5b21a91081d4275b4c4401b1f9\System.ni.dll
MOD - [2012/05/14 10:43:46 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2ab531f4915cccb998c4e852fb7efd00\mscorlib.ni.dll
MOD - [2011/08/18 23:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/04/23 00:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/23 11:57:48 | 000,502,064 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/05/27 16:36:14 | 000,040,048 | ---- | M] (SparkLabs) [Auto | Running] -- C:\Program Files\WiTopia\WiTopiaService.exe -- (WiTopiaService)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/09/16 08:41:28 | 001,518,352 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/09/16 08:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/09/16 08:24:52 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/09/15 23:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/06/04 02:51:38 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011/03/09 07:00:50 | 000,224,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/28 08:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/25 17:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/11/30 05:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/23 08:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/08/20 23:02:30 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/22 22:11:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/13 19:51:50 | 000,024,576 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe -- (wampapache)
SRV - [2012/04/19 15:45:02 | 009,693,696 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe -- (wampmysqld)
SRV - [2012/04/05 13:08:34 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/18 23:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/05/19 15:16:48 | 000,995,392 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/05/19 15:16:46 | 001,335,360 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/05/19 15:16:36 | 000,921,664 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011/04/23 00:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/22 09:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/11/06 13:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/06 11:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/06 11:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/08/26 10:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/19 03:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/27 16:36:34 | 000,038,368 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\visctap0901.sys -- (visctap0901)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/12/09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/11/15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/18 16:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/09/15 23:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/09/15 23:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/08/02 16:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/07/21 06:21:50 | 000,406,336 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tixhci.sys -- (tixhci)
DRV:64bit: - [2011/07/21 06:21:50 | 000,136,000 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tihub3.sys -- (tihub3)
DRV:64bit: - [2011/06/22 05:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/06/22 05:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/19 15:17:04 | 000,053,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/05/19 15:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011/05/13 16:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/04/23 00:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/04/20 03:07:48 | 001,930,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2011/04/11 03:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 13:29:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/01/25 17:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/21 01:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/11/30 05:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/21 11:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 11:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/07 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/30 08:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/03/19 17:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 08:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/25 10:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2006/11/02 02:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/03/29 16:32:12 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.my/
IE - HKCU\..\SearchScopes,DefaultScope = {1FF7973D-AB0A-496d-82C1-4EADBBA11E7B}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodInsert: C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@spoon.net/Spoon Plugin 3.33: C:\Program Files (x86)\Spoon\3.33.0.13\npMozillaSpoonPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Wyatt\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Wyatt\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/04 10:01:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/07/09 09:43:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/22 22:11:24 | 000,000,000 | ---D | M]

[2012/07/08 20:07:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wyatt\AppData\Roaming\Mozilla\Extensions
[2012/08/04 16:07:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wyatt\AppData\Roaming\Mozilla\Firefox\Profiles\lhiax2av.default\extensions
[2012/07/17 19:00:36 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Wyatt\AppData\Roaming\Mozilla\Firefox\Profiles\lhiax2av.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2012/07/08 20:07:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/22 22:11:24 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/15 06:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/15 06:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.chromefans.org/
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Orbit Downloader (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\plugins\nporbit.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java™ Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.30.255 (Enabled) = C:\windows\system32\npDeployJava1.dll
CHR - plugin: QvodInsert (Enabled) = C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Wyatt\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.3.7_0\
CHR - Extension: YouTube = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: User-Agent Switcher for Chrome = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg\1.0.17_0\
CHR - Extension: Silver Bird = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic\1.9.8.12_0\
CHR - Extension: PageSpeed Insights (by Google) = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli\2.0.1.0_0\
CHR - Extension: [email protected] = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn\4.7.9_0\
CHR - Extension: Eye Dropper = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.2.6_0\
CHR - Extension: Adobe Shadow = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoeapleklopieoejahbpdnhkjjgddem\1.0.295_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Power Editor = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgbefhffiiongohodpopckdcalediegk\1.1_0\
CHR - Extension: Keyword Researcher = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnbgfbemdoolmminolmdjdkaehibphme\1.3.5_0\
CHR - Extension: Session Manager = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc\3.4.3_0\
CHR - Extension: Google Mail Checker = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Ghostery = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.0.0_0\
CHR - Extension: SEO for Chrome = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\
CHR - Extension: Bolt Save and Share = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmipocdiiichlijcngflajilbpkkfhj\7.2_0\
CHR - Extension: Google Global = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojgmigafbpedhdilmemphfklkbghlphi\1.0_0\
CHR - Extension: Gmail = C:\Users\Wyatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/29 13:54:38 | 000,000,098 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120615120604.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120708221926.dll (McAfee, Inc.)
O2 - BHO: (QvodExtend) - {A8502600-B272-4F68-A67B-A0305D46D297} - C:\Program Files (x86)\QvodPlayer\QvodExtend.dll (Shenzhen QVOD Technology Co.,Ltd)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QvodTerminal] C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe (Shenzhen QVOD Technology Co.,Ltd)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [PPS Accelerator] C:\PPStream\PPSAP.exe (PPStream Inc)
O4 - Startup: C:\Users\Wyatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Wyatt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Wyatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PPS.lnk = C:\PPStream\PPStream.exe (PPStream Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23CEA19E-5F6E-4926-9576-4A14C5FD2D1D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DEFA122-E95D-462F-9299-AD5B16D1B808}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E013816E-E046-4682-912F-95A931CA0CA5}: DhcpNameServer = 8.8.8.8 10.118.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3A7F187-D150-424B-AC10-752DA5E5DA6B}: DhcpNameServer = 203.82.64.129 203.82.64.145
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/29 14:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/08/29 13:54:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/29 11:48:47 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Wyatt\Desktop\OTL.exe
[2012/08/29 10:41:16 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\2012_08_29
[2012/08/29 01:48:52 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\GeoIP-111_20120821
[2012/08/29 01:41:57 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\stm-mobile-tracker-v1.0
[2012/08/28 20:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\WLSetup
[2012/08/28 18:51:19 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\DingFengOnline.com
[2012/08/28 12:43:03 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\assaulter___android_app___at_t_only___us
[2012/08/24 10:21:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/08/24 10:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012/08/21 14:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPStream
[2012/08/07 11:28:26 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Documents\Ding Feng Online Sdn. Bhd. Expenses
[2012/08/06 19:45:10 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/08/03 14:37:06 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\Mobile Campaigns
[2012/08/02 23:26:38 | 000,000,000 | ---D | C] -- C:\Users\Wyatt\Desktop\WAP - Sweepstakes - English
[2012/07/30 15:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Shadow
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/29 15:02:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/29 14:57:05 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1415409250-421658165-2567368482-1001UA.job
[2012/08/29 14:03:25 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 14:03:25 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 13:55:37 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/29 13:55:30 | 464,711,679 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/29 13:54:38 | 000,000,098 | ---- | M] () -- C:\windows\SysNative\drivers\etc\Hosts
[2012/08/29 11:48:57 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Wyatt\Desktop\OTL.exe
[2012/08/29 10:32:26 | 000,193,953 | ---- | M] () -- C:\Users\Wyatt\Desktop\Surge Portal IO 140118 (2012-08-24).pdf
[2012/08/29 01:58:45 | 000,040,549 | ---- | M] () -- C:\Users\Wyatt\Desktop\Server Usage.jpg
[2012/08/29 01:48:56 | 085,337,936 | ---- | M] () -- C:\Users\Wyatt\Desktop\GeoIP-113_20120807.zip
[2012/08/29 01:48:11 | 063,100,819 | ---- | M] () -- C:\Users\Wyatt\Desktop\GeoIP-111_20120821.tar.gz
[2012/08/29 01:34:57 | 002,621,072 | ---- | M] () -- C:\Users\Wyatt\Desktop\stm-mobile-tracker-v1.0.zip
[2012/08/29 01:24:04 | 000,034,533 | ---- | M] () -- C:\Users\Wyatt\Desktop\namecheap-order7026225.pdf
[2012/08/28 22:40:33 | 000,018,216 | ---- | M] () -- C:\Users\Wyatt\Desktop\28 August.pdf
[2012/08/28 17:59:25 | 000,012,297 | ---- | M] () -- C:\Users\Wyatt\Desktop\Invoice-71233.pdf
[2012/08/28 15:08:55 | 000,783,940 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/28 15:08:55 | 000,655,542 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/28 15:08:55 | 000,122,156 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/08/27 19:10:26 | 000,001,456 | ---- | M] () -- C:\Users\Wyatt\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/08/26 19:57:03 | 000,000,856 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1415409250-421658165-2567368482-1001Core.job
[2012/08/24 11:38:58 | 000,001,034 | ---- | M] () -- C:\Users\Wyatt\Desktop\AIM.lnk
[2012/08/22 10:59:36 | 000,002,413 | ---- | M] () -- C:\Users\Wyatt\Desktop\Google Chrome.lnk
[2012/08/21 15:32:00 | 004,969,960 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/21 14:59:09 | 000,000,706 | ---- | M] () -- C:\Users\Wyatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PPS.lnk
[2012/08/21 14:59:07 | 000,000,678 | ---- | M] () -- C:\Users\Wyatt\Application Data\Microsoft\Internet Explorer\Quick Launch\PPS影音.lnk
[2012/08/21 14:59:07 | 000,000,654 | ---- | M] () -- C:\Users\Public\Desktop\PPS影音.lnk
[2012/08/02 15:12:16 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/01 19:16:24 | 000,284,291 | ---- | M] () -- C:\Users\Wyatt\Desktop\DF Online.jpg
[2012/07/30 16:23:49 | 000,000,955 | ---- | M] () -- C:\Users\Wyatt\Desktop\Adobe Shadow.lnk
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/29 10:32:26 | 000,193,953 | ---- | C] () -- C:\Users\Wyatt\Desktop\Surge Portal IO 140118 (2012-08-24).pdf
[2012/08/29 01:58:45 | 000,040,549 | ---- | C] () -- C:\Users\Wyatt\Desktop\Server Usage.jpg
[2012/08/29 01:44:40 | 085,337,936 | ---- | C] () -- C:\Users\Wyatt\Desktop\GeoIP-113_20120807.zip
[2012/08/29 01:44:28 | 063,100,819 | ---- | C] () -- C:\Users\Wyatt\Desktop\GeoIP-111_20120821.tar.gz
[2012/08/29 01:34:48 | 002,621,072 | ---- | C] () -- C:\Users\Wyatt\Desktop\stm-mobile-tracker-v1.0.zip
[2012/08/29 01:24:03 | 000,034,533 | ---- | C] () -- C:\Users\Wyatt\Desktop\namecheap-order7026225.pdf
[2012/08/28 22:40:32 | 000,018,216 | ---- | C] () -- C:\Users\Wyatt\Desktop\28 August.pdf
[2012/08/28 17:59:25 | 000,012,297 | ---- | C] () -- C:\Users\Wyatt\Desktop\Invoice-71233.pdf
[2012/08/21 14:59:10 | 000,000,666 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPS 影音.lnk
[2012/08/21 14:59:09 | 000,000,706 | ---- | C] () -- C:\Users\Wyatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PPS.lnk
[2012/08/21 14:59:07 | 000,000,678 | ---- | C] () -- C:\Users\Wyatt\Application Data\Microsoft\Internet Explorer\Quick Launch\PPS影音.lnk
[2012/08/21 14:59:07 | 000,000,654 | ---- | C] () -- C:\Users\Public\Desktop\PPS影音.lnk
[2012/08/01 19:16:23 | 000,284,291 | ---- | C] () -- C:\Users\Wyatt\Desktop\DF Online.jpg
[2012/07/30 16:23:49 | 000,000,955 | ---- | C] () -- C:\Users\Wyatt\Desktop\Adobe Shadow.lnk
[2012/06/26 22:43:57 | 000,187,432 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2012/06/06 12:15:56 | 000,000,248 | ---- | C] () -- C:\windows\Brpfx04a.ini
[2012/06/06 12:15:56 | 000,000,094 | ---- | C] () -- C:\windows\brpcfx.ini
[2012/06/06 12:15:32 | 000,003,303 | ---- | C] () -- C:\windows\BRPARAM.INI
[2012/06/06 12:13:45 | 000,045,056 | ---- | C] () -- C:\windows\SysWow64\BRTCPCON.DLL
[2012/06/06 12:13:41 | 000,000,114 | ---- | C] () -- C:\windows\SysWow64\BRLMW03A.INI
[2012/05/04 17:39:10 | 000,001,456 | ---- | C] () -- C:\Users\Wyatt\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/04/18 21:41:28 | 000,645,632 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2012/04/18 21:41:28 | 000,240,640 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2012/02/01 13:52:34 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012/02/01 13:52:34 | 000,218,304 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012/02/01 13:52:34 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012/02/01 13:52:33 | 013,356,032 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012/02/01 13:52:33 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2012/02/01 12:28:00 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2012/02/01 12:23:20 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/11/17 04:49:04 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2011/11/17 04:49:01 | 000,000,325 | ---- | C] () -- C:\windows\Prelaunch.ini
[2011/11/17 04:49:01 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2011/11/17 04:49:01 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2011/11/17 04:49:01 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2011/11/17 04:49:01 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2011/11/17 04:49:01 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2011/11/17 04:49:01 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2011/11/17 03:25:01 | 000,778,156 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/06/06 12:04:23 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Canon
[2012/07/05 17:25:34 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/07/11 03:09:07 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\com.springbox.mobilizer
[2012/06/02 16:56:22 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\DiskAid
[2012/08/29 13:56:54 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Dropbox
[2012/07/19 13:20:26 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\FileZilla
[2012/04/18 20:36:18 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Fingertapps
[2012/06/27 14:43:54 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\IDT
[2012/06/26 22:41:25 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2012/04/24 19:14:46 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Notepad++
[2012/06/21 21:39:52 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\Orbit
[2012/04/18 21:05:10 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\PCDr
[2012/08/29 13:57:08 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\PPStream
[2012/04/18 21:27:54 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\ProgSense
[2012/05/11 18:05:23 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\SoftGrid Client
[2012/07/16 17:40:59 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/04/18 21:14:00 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\TP
[2012/08/07 18:09:29 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\TuneUp Software
[2012/07/14 02:05:59 | 000,000,000 | ---D | M] -- C:\Users\Wyatt\AppData\Roaming\WiTopia
[2012/08/09 10:01:39 | 000,032,598 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/07/18 22:50:29 | 000,000,040 | ---- | M] ()(C:\windows\SysNative\@?) -- C:\windows\SysNative\@
[2012/07/18 22:50:29 | 000,000,040 | ---- | C] ()(C:\windows\SysNative\@?) -- C:\windows\SysNative\@

< End of report >

#7
maliprog

    Trusted Helper
OK. OTL log looks clean. Let's do a custom scan.

Run OTL again

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and to let it run uninterrupted.
  • Press the button named None
  • Under the Custom Scan/Fixes box paste this in

    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.txt. This file is also saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it here to me


#8
WyffGoaL

    Member

  • Topic Starter
Hey maliprog,

Thanks for the prompt reply again.


OTL Log:

OTL logfile created on: 29/8/2012 3:45:37 PM - Run 3
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Wyatt\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

5.91 Gb Total Physical Memory | 4.42 Gb Available Physical Memory | 74.74% Memory free
11.82 Gb Paging File | 9.64 Gb Available in Paging File | 81.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 304.53 Gb Total Space | 242.73 Gb Free Space | 79.71% Space Free | Partition Type: NTFS
Drive E: | 146.48 Gb Total Space | 144.52 Gb Free Space | 98.66% Space Free | Partition Type: NTFS

Computer Name: WYATTPC | User Name: Wyatt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/22 22:11:18 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/22 22:11:18 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/22 22:11:18 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/08/29 10:36:20 | 000,117,248 | ---- | M] (Mozilla)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/08/29 10:36:20 | 000,117,248 | ---- | M] (Mozilla)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/08/29 10:36:20 | 000,117,248 | ---- | M] (Mozilla)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/29 10:36:20 | 000,054,272 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/29 10:36:20 | 000,054,272 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/29 10:36:20 | 000,054,272 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/29 10:36:20 | 000,054,272 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/02/01 12:25:28 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/02/01 12:25:28 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/02/01 12:25:28 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/29 09:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/06/29 09:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/07/22 22:11:18 | 000,865,776 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/07/22 22:11:18 | 000,865,776 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/07/22 22:11:18 | 000,865,776 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/08/29 10:36:20 | 000,117,248 | ---- | M] (Mozilla)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/08/29 10:36:20 | 000,117,248 | ---- | M] (Mozilla)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/08/29 10:36:20 | 000,117,248 | ---- | M] (Mozilla)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\WYATT\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/08/29 10:36:20 | 000,054,272 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\WYATT\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/08/29 10:36:20 | 000,054,272 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\WYATT\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/08/29 10:36:20 | 000,054,272 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\WYATT\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/08/29 10:36:20 | 000,054,272 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/02/01 12:25:28 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/02/01 12:25:28 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/02/01 12:25:28 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/29 09:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/06/29 09:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)

< End of report >
  • 0
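The custom scan above lists what each registered browser client launches. As an added example (not part of the thread and not OTL's own code), this parser reads those lines and applies three triage checks that are assumptions of the example: the `shell\open\command` target matches the client it is registered under, the target file carries a company name, and targets of different clients do not share one modification timestamp. The sample lines are copied from the 32-bit scan output in the post above.

```python
import re
from collections import defaultdict
from ntpath import basename  # Windows path handling on any OS

# Lines copied from the custom scan output in the post above (32-bit view).
SAMPLE = r'''
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/22 22:11:18 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/08/29 10:36:20 | 000,117,248 | ---- | M] (Mozilla)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Wyatt\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/29 10:36:20 | 000,054,272 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/06/29 09:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
'''

# key\\value: command [mtime | size | attrs | M] (company)
LINE_RE = re.compile(
    r'^(?P<view>64bit-)?HKEY_LOCAL_MACHINE\\software\\clients\\startmenuinternet\\'
    r'(?P<client>[^\\]+)\\(?P<subkey>.*?)\\\\(?P<value>[^:]*): '
    r'(?P<command>.*) '
    r'\[(?P<mtime>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>[-A-Z]{4}) \| [MC]\] '
    r'\((?P<company>.*)\)$',
    re.IGNORECASE)

# Assumption of this example: the binary each client key is expected to open.
EXPECTED = {
    'firefox.exe': 'firefox.exe',
    'google chrome': 'chrome.exe',
    'iexplore.exe': 'iexplore.exe',
}


def exe_of(command):
    """Return the executable path from a quoted or bare command line."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].partition('"')[0]
    m = re.match(r'(.*?\.exe)\b', command, re.IGNORECASE)
    return m.group(1) if m else command


def parse_line(line):
    """Parse one OTL custom-scan registry line; None if it is not one."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry['view'] = '64' if entry['view'] else '32'
    entry['exe'] = exe_of(entry['command'])
    return entry


def audit(text):
    """Return (check, subject, detail) tuples for entries worth verifying."""
    entries = [e for e in map(parse_line, text.splitlines()) if e]
    openers = [e for e in entries
               if e['subkey'].lower() == r'shell\open\command']
    findings = []
    by_mtime = defaultdict(set)
    for e in openers:
        want = EXPECTED.get(e['client'].lower())
        if want and basename(e['exe']).lower() != want:
            findings.append(('redirected-open-command', e['client'], e['exe']))
        if not e['company']:
            findings.append(('no-company-name', e['client'], e['exe']))
        by_mtime[e['mtime']].add(e['exe'].lower())
    for mtime, exes in by_mtime.items():
        if len(exes) > 1:  # unrelated binaries changed in the same second
            findings.append(('shared-mtime', mtime, tuple(sorted(exes))))
    return findings


if __name__ == '__main__':
    for finding in audit(SAMPLE):
        print(finding)
```

A flag here is only a prompt to verify the file's digital signature or hash against a known-good copy; it is not a verdict on the file.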

#9
maliprog

    Trusted Helper
Let's try something.

Right click an empty spot on the Desktop and select New then Shortcut from the menu.

In the "Type the location of the item" line place the following:

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

Make sure to include the quotes and space (just like in the code box above).

Click Next then click Finish.

Double click this shortcut to start Firefox. Just let me know whether it started Firefox this time.

#10
WyffGoaL

    Member

  • Topic Starter
Hi maliprog,

I've followed everything to the T; too bad it still opens IE instead when I click on the newly created Firefox shortcut, and the same goes for Google Chrome. It seems like IE is overlapping every browser though.

It's really weird.

Thanks once again.

Cheers,
Wyatt

Edited by WyffGoaL, 29 August 2012 - 03:06 AM.



#11
WyffGoaL

    Member

  • Topic Starter
Hi maliprog,

I've discovered another thing: if a user sends me a URL/hyperlink via an instant messenger like MSN Live Messenger or Skype, it won't open the actual URL/link and it will always go to the "Home Page" I set.

Hope you could really help me find out what's actually going on with my PC; most likely a nasty malware has infected my PC.

Thanks once again.

Cheers,
Wyatt

#12
maliprog

    Trusted Helper
Yes. This is really really weird... I'll do some more scans and try to figure out what is hiding in there.

Step 1

Can you try to reinstall Firefox? Please download the latest version from Here and install it. Try to start Firefox after installation.

Let me know results.

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Verify Driver Digital Signature
    • Detect TDLFS file system
  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects.
  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

Download GMER from Here. Note the file's name and save it to your root folder, such as C:.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

Step 4

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • GMER log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#13
WyffGoaL

    Member

  • Topic Starter
Hi maliprog,

Thanks for the prompt support again.

I've done step 1 and now I'm able to open the latest version of Firefox without any problem, but too bad I'm still having a problem with Google Chrome. I can't reinstall a fresh Chrome as it's attached to so many important things like add-ons/extensions and bookmarks that I have no backup of. I really do hope that you could help me solve my Chrome problem; most probably my PC is infected by some nasty malware or something.

Please kindly look for the logs below.


TDSSKiller log:

18:05:29.0677 7004 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
18:05:30.0956 7004 ============================================================
18:05:30.0956 7004 Current date / time: 2012/08/29 18:05:30.0956
18:05:30.0956 7004 SystemInfo:
18:05:30.0956 7004
18:05:30.0956 7004 OS Version: 6.1.7601 ServicePack: 1.0
18:05:30.0956 7004 Product type: Workstation
18:05:30.0956 7004 ComputerName: WYATTPC
18:05:30.0956 7004 UserName: Wyatt
18:05:30.0956 7004 Windows directory: C:\windows
18:05:30.0956 7004 System windows directory: C:\windows
18:05:30.0956 7004 Running under WOW64
18:05:30.0956 7004 Processor architecture: Intel x64
18:05:30.0956 7004 Number of processors: 8
18:05:30.0956 7004 Page size: 0x1000
18:05:30.0956 7004 Boot type: Normal boot
18:05:30.0956 7004 ============================================================
18:05:31.0861 7004 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:05:31.0876 7004 ============================================================
18:05:31.0876 7004 \Device\Harddisk0\DR0:
18:05:31.0876 7004 MBR partitions:
18:05:31.0876 7004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
18:05:31.0876 7004 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x2610F030
18:05:31.0892 7004 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27E8E800, BlocksNum 0x124F7000
18:05:31.0892 7004 ============================================================
18:05:31.0954 7004 C: <-> \Device\Harddisk0\DR0\Partition2
18:05:32.0064 7004 E: <-> \Device\Harddisk0\DR0\Partition3
18:05:32.0064 7004 ============================================================
18:05:32.0064 7004 Initialize success
18:05:32.0064 7004 ============================================================
18:06:05.0339 4968 ============================================================
18:06:05.0339 4968 Scan started
18:06:05.0339 4968 Mode: Manual; SigCheck; TDLFS;
18:06:05.0339 4968 ============================================================
18:06:05.0885 4968 ================ Scan system memory ========================
18:06:05.0885 4968 System memory - ok
18:06:05.0885 4968 ================ Scan services =============================
18:06:12.0296 4968 [ 5FF7B9916A10E8E69E7C0D16F0B4787A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
18:06:12.0359 4968 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
18:06:12.0359 4968 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
18:06:12.0405 4968 [ E43D73CAF1023976EFBA1D0F0E69E271 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
18:06:12.0499 4968 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
18:06:12.0499 4968 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
18:06:12.0546 4968 [ 20427929646784A482DF34EF8C4FED23 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
18:06:12.0593 4968 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning
18:06:12.0593 4968 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1)
18:06:36.0164 4968 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:06:36.0258 4968 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:06:36.0258 4968 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:06:36.0289 4968 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\windows\system32\DRIVERS\netaapl64.sys
18:06:36.0351 4968 Netaapl - ok
18:06:36.0383 4968 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:06:36.0492 4968 NetBIOS - ok
18:06:36.0539 4968 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:06:36.0632 4968 NetBT - ok
18:06:36.0663 4968 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
18:06:36.0695 4968 Netlogon - ok
18:06:36.0726 4968 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
18:06:36.0851 4968 Netman - ok
18:06:36.0882 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:06:36.0913 4968 NetMsmqActivator - ok
18:06:36.0944 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:06:36.0975 4968 NetPipeActivator - ok
18:06:37.0022 4968 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
18:06:37.0147 4968 netprofm - ok
18:06:37.0147 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:06:37.0178 4968 NetTcpActivator - ok
18:06:37.0194 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:06:37.0225 4968 NetTcpPortSharing - ok
18:06:37.0475 4968 [ 9FD1BE1881446D954FF77244AE58FBCB ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
18:06:37.0849 4968 NETwNs64 - ok
18:06:37.0911 4968 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
18:06:37.0958 4968 nfrd960 - ok
18:06:37.0989 4968 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
18:06:38.0145 4968 NlaSvc - ok
18:06:38.0348 4968 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
18:06:38.0489 4968 NOBU - ok
18:06:38.0520 4968 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
18:06:38.0613 4968 Npfs - ok
18:06:38.0660 4968 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
18:06:38.0816 4968 nsi - ok
18:06:38.0847 4968 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:06:38.0941 4968 nsiproxy - ok
18:06:38.0988 4968 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:06:39.0097 4968 Ntfs - ok
18:06:39.0113 4968 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
18:06:39.0206 4968 Null - ok
18:06:39.0331 4968 [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
18:06:39.0362 4968 NVHDA - ok
18:06:39.0752 4968 [ 573B0941A37AEBEE96085D56A103F57B ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
18:06:40.0376 4968 nvlddmkm - ok
18:06:40.0423 4968 [ 43AF7EBEAC2AB623468E32CADDCB61A4 ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
18:06:40.0454 4968 nvpciflt - ok
18:06:40.0485 4968 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
18:06:40.0517 4968 nvraid - ok
18:06:40.0548 4968 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
18:06:40.0579 4968 nvstor - ok
18:06:40.0704 4968 [ C500760572C6059918FB0C960967695B ] NVSvc C:\windows\system32\nvvsvc.exe
18:06:40.0782 4968 NVSvc - ok
18:06:40.0891 4968 [ F28169A7ADF7B41809CF92D369E744F0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
18:06:41.0000 4968 nvUpdatusService - ok
18:06:41.0063 4968 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:06:41.0094 4968 nv_agp - ok
18:06:41.0187 4968 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:06:41.0234 4968 odserv - ok
18:06:41.0265 4968 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:06:41.0297 4968 ohci1394 - ok
18:06:41.0359 4968 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:06:41.0390 4968 ose - ok
18:06:41.0593 4968 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:06:41.0858 4968 osppsvc - ok
18:06:41.0921 4968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:06:42.0045 4968 p2pimsvc - ok
18:06:42.0077 4968 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
18:06:42.0123 4968 p2psvc - ok
18:06:42.0139 4968 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
18:06:42.0186 4968 Parport - ok
18:06:42.0217 4968 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
18:06:42.0248 4968 partmgr - ok
18:06:42.0264 4968 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
18:06:42.0326 4968 PcaSvc - ok
18:06:42.0342 4968 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
18:06:42.0389 4968 pci - ok
18:06:42.0420 4968 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
18:06:42.0451 4968 pciide - ok
18:06:42.0467 4968 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
18:06:42.0513 4968 pcmcia - ok
18:06:42.0513 4968 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
18:06:42.0560 4968 pcw - ok
18:06:42.0591 4968 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:06:42.0716 4968 PEAUTH - ok
18:06:42.0825 4968 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
18:06:42.0872 4968 PerfHost - ok
18:06:42.0950 4968 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
18:06:43.0091 4968 pla - ok
18:06:43.0231 4968 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:06:43.0325 4968 PlugPlay - ok
18:06:43.0371 4968 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:06:43.0403 4968 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:06:43.0403 4968 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:06:43.0434 4968 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:06:43.0481 4968 PNRPAutoReg - ok
18:06:43.0496 4968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:06:43.0543 4968 PNRPsvc - ok
18:06:43.0590 4968 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:06:43.0699 4968 PolicyAgent - ok
18:06:43.0746 4968 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll
18:06:43.0824 4968 Power - ok
18:06:43.0855 4968 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:06:43.0964 4968 PptpMiniport - ok
18:06:43.0995 4968 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
18:06:44.0042 4968 Processor - ok
18:06:44.0073 4968 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
18:06:44.0167 4968 ProfSvc - ok
18:06:44.0198 4968 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
18:06:44.0245 4968 ProtectedStorage - ok
18:06:44.0261 4968 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:06:44.0370 4968 Psched - ok
18:06:44.0432 4968 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
18:06:44.0463 4968 PxHlpa64 - ok
18:06:44.0526 4968 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
18:06:44.0619 4968 ql2300 - ok
18:06:44.0635 4968 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
18:06:44.0682 4968 ql40xx - ok
18:06:44.0713 4968 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
18:06:44.0760 4968 QWAVE - ok
18:06:44.0791 4968 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:06:44.0853 4968 QWAVEdrv - ok
18:06:44.0869 4968 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:06:44.0963 4968 RasAcd - ok
18:06:45.0009 4968 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:06:45.0103 4968 RasAgileVpn - ok
18:06:45.0134 4968 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
18:06:45.0243 4968 RasAuto - ok
18:06:45.0259 4968 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:06:45.0368 4968 Rasl2tp - ok
18:06:45.0415 4968 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
18:06:45.0509 4968 RasMan - ok
18:06:45.0524 4968 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:06:45.0633 4968 RasPppoe - ok
18:06:45.0665 4968 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:06:45.0774 4968 RasSstp - ok
18:06:45.0805 4968 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:06:45.0914 4968 rdbss - ok
18:06:45.0930 4968 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
18:06:46.0039 4968 rdpbus - ok
18:06:46.0070 4968 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:06:46.0164 4968 RDPCDD - ok
18:06:46.0164 4968 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:06:46.0289 4968 RDPENCDD - ok
18:06:46.0289 4968 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:06:46.0398 4968 RDPREFMP - ok
18:06:46.0445 4968 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:06:46.0491 4968 RDPWD - ok
18:06:46.0538 4968 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:06:46.0569 4968 rdyboost - ok
18:06:46.0663 4968 [ B9A0810D16EA7935B10A5499ABA61DC3 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:06:46.0710 4968 RegSrvc - ok
18:06:46.0741 4968 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
18:06:46.0881 4968 RemoteAccess - ok
18:06:47.0037 4968 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:06:47.0459 4968 RemoteRegistry - ok
18:06:47.0599 4968 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
18:06:47.0739 4968 RFCOMM - ok
18:06:48.0145 4968 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:06:48.0270 4968 RpcEptMapper - ok
18:06:48.0317 4968 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
18:06:48.0348 4968 RpcLocator - ok
18:06:48.0395 4968 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
18:06:48.0488 4968 RpcSs - ok
18:06:48.0566 4968 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:06:48.0613 4968 rspndr - ok
18:06:48.0987 4968 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
18:06:49.0003 4968 RSUSBSTOR - ok
18:06:49.0081 4968 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
18:06:49.0112 4968 RTL8167 - ok
18:06:49.0143 4968 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
18:06:49.0159 4968 SamSs - ok
18:06:49.0190 4968 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:06:49.0221 4968 sbp2port - ok
18:06:49.0253 4968 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
18:06:49.0315 4968 SCardSvr - ok
18:06:49.0331 4968 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:06:49.0393 4968 scfilter - ok
18:06:49.0424 4968 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
18:06:49.0533 4968 Schedule - ok
18:06:49.0580 4968 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
18:06:49.0674 4968 SCPolicySvc - ok
18:06:49.0689 4968 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:06:49.0783 4968 SDRSVC - ok
18:06:49.0814 4968 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:06:49.0970 4968 secdrv - ok
18:06:49.0986 4968 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
18:06:50.0079 4968 seclogon - ok
18:06:50.0126 4968 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
18:06:50.0220 4968 SENS - ok
18:06:50.0251 4968 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
18:06:50.0329 4968 SensrSvc - ok
18:06:50.0376 4968 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
18:06:50.0438 4968 Serenum - ok
18:06:50.0469 4968 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
18:06:50.0579 4968 Serial - ok
18:06:50.0610 4968 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
18:06:50.0657 4968 sermouse - ok
18:06:50.0703 4968 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
18:06:50.0813 4968 SessionEnv - ok
18:06:50.0828 4968 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:06:50.0891 4968 sffdisk - ok
18:06:50.0891 4968 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:06:50.0953 4968 sffp_mmc - ok
18:06:50.0969 4968 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:06:51.0015 4968 sffp_sd - ok
18:06:51.0031 4968 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
18:06:51.0078 4968 sfloppy - ok
18:06:51.0156 4968 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
18:06:51.0203 4968 Sftfs - ok
18:06:51.0281 4968 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:06:51.0327 4968 sftlist - ok
18:06:51.0374 4968 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
18:06:51.0405 4968 Sftplay - ok
18:06:51.0421 4968 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
18:06:51.0452 4968 Sftredir - ok
18:06:51.0546 4968 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
18:06:51.0639 4968 SftService - ok
18:06:51.0655 4968 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
18:06:51.0686 4968 Sftvol - ok
18:06:51.0733 4968 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:06:51.0764 4968 sftvsa - ok
18:06:51.0795 4968 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
18:06:51.0905 4968 SharedAccess - ok
18:06:51.0951 4968 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:06:52.0076 4968 ShellHWDetection - ok
18:06:52.0107 4968 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
18:06:52.0139 4968 SiSRaid2 - ok
18:06:52.0185 4968 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
18:06:52.0217 4968 SiSRaid4 - ok
18:06:52.0295 4968 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:06:52.0326 4968 SkypeUpdate - ok
18:06:52.0388 4968 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
18:06:52.0482 4968 Smb - ok
18:06:52.0544 4968 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:06:52.0591 4968 SNMPTRAP - ok
18:06:52.0622 4968 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
18:06:52.0653 4968 spldr - ok
18:06:52.0700 4968 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
18:06:52.0778 4968 Spooler - ok
18:06:52.0887 4968 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
18:06:53.0090 4968 sppsvc - ok
18:06:53.0137 4968 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:06:53.0231 4968 sppuinotify - ok
18:06:53.0309 4968 [ 3F1292E8ABF33070BF5A3838D85DF121 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:06:53.0340 4968 SQLWriter - ok
18:06:53.0387 4968 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
18:06:53.0465 4968 srv - ok
18:06:53.0480 4968 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:06:53.0527 4968 srv2 - ok
18:06:53.0543 4968 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:06:53.0574 4968 srvnet - ok
18:06:53.0636 4968 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:06:53.0745 4968 SSDPSRV - ok
18:06:53.0761 4968 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
18:06:53.0870 4968 SstpSvc - ok
18:06:53.0917 4968 [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:06:53.0979 4968 STacSV - ok
18:06:54.0042 4968 [ 0683504BBB3FFC0A73D9D217B63DD0E0 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:06:54.0073 4968 Stereo Service - ok
18:06:54.0120 4968 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
18:06:54.0151 4968 stexstor - ok
18:06:54.0198 4968 [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
18:06:54.0260 4968 STHDA - ok
18:06:54.0323 4968 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
18:06:54.0354 4968 StillCam - ok
18:06:54.0432 4968 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
18:06:54.0494 4968 stisvc - ok
18:06:54.0525 4968 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
18:06:54.0557 4968 swenum - ok
18:06:54.0681 4968 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:06:54.0728 4968 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
18:06:54.0728 4968 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
18:06:54.0775 4968 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
18:06:54.0931 4968 swprv - ok
18:06:54.0993 4968 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
18:06:55.0103 4968 SysMain - ok
18:06:55.0134 4968 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
18:06:55.0259 4968 TabletInputService - ok
18:06:55.0290 4968 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
18:06:55.0399 4968 TapiSrv - ok
18:06:55.0446 4968 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
18:06:55.0539 4968 TBS - ok
18:06:55.0617 4968 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:06:55.0742 4968 Tcpip - ok
18:06:55.0789 4968 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:06:55.0898 4968 TCPIP6 - ok
18:06:55.0929 4968 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:06:56.0039 4968 tcpipreg - ok
18:06:56.0054 4968 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:06:56.0117 4968 TDPIPE - ok
18:06:56.0163 4968 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:06:56.0210 4968 TDTCP - ok
18:06:56.0226 4968 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:06:56.0319 4968 tdx - ok
18:06:56.0335 4968 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
18:06:56.0366 4968 TermDD - ok
18:06:56.0429 4968 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
18:06:56.0569 4968 TermService - ok
18:06:56.0600 4968 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
18:06:56.0647 4968 Themes - ok
18:06:56.0678 4968 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
18:06:56.0787 4968 THREADORDER - ok
18:06:56.0834 4968 [ 68FE3D89829E27D4FD5EEA7BD2C41985 ] tihub3 C:\windows\system32\DRIVERS\tihub3.sys
18:06:56.0865 4968 tihub3 - ok
18:06:56.0897 4968 [ 0102C9633CE1F18A6AC021F28B734DB5 ] tixhci C:\windows\system32\DRIVERS\tixhci.sys
18:06:56.0943 4968 tixhci - ok
18:06:56.0975 4968 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
18:06:57.0099 4968 TrkWks - ok
18:06:57.0162 4968 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:06:57.0333 4968 TrustedInstaller - ok
18:06:57.0365 4968 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:06:57.0474 4968 tssecsrv - ok
18:06:57.0521 4968 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:06:57.0583 4968 TsUsbFlt - ok
18:06:57.0630 4968 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
18:06:57.0661 4968 TsUsbGD - ok
18:06:57.0770 4968 [ 8D4CC6A5C51ACB30F801F78F694C7EA5 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
18:06:57.0879 4968 TuneUp.UtilitiesSvc - ok
18:06:57.0926 4968 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
18:06:57.0957 4968 TuneUpUtilitiesDrv - ok
18:06:58.0035 4968 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:06:58.0145 4968 tunnel - ok
18:06:58.0191 4968 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys
18:06:58.0223 4968 TurboB - ok
18:06:58.0285 4968 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:06:58.0316 4968 TurboBoost - ok
18:06:58.0347 4968 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
18:06:58.0379 4968 uagp35 - ok
18:06:58.0394 4968 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:06:58.0519 4968 udfs - ok
18:06:58.0566 4968 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
18:06:58.0597 4968 UI0Detect - ok
18:06:58.0644 4968 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:06:58.0675 4968 uliagpkx - ok
18:06:58.0691 4968 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
18:06:58.0753 4968 umbus - ok
18:06:58.0784 4968 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
18:06:58.0831 4968 UmPass - ok
18:06:59.0003 4968 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:06:59.0127 4968 UNS - ok
18:06:59.0159 4968 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
18:06:59.0283 4968 upnphost - ok
18:06:59.0346 4968 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
18:06:59.0455 4968 USBAAPL64 - ok
18:06:59.0502 4968 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:06:59.0611 4968 usbccgp - ok
18:06:59.0642 4968 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
18:06:59.0689 4968 usbcir - ok
18:06:59.0720 4968 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
18:06:59.0767 4968 usbehci - ok
18:06:59.0798 4968 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:06:59.0861 4968 usbhub - ok
18:06:59.0876 4968 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
18:06:59.0907 4968 usbohci - ok
18:06:59.0954 4968 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
18:07:00.0063 4968 usbprint - ok
18:07:00.0095 4968 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
18:07:00.0141 4968 usbscan - ok
18:07:00.0173 4968 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:07:00.0235 4968 USBSTOR - ok
18:07:00.0266 4968 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:07:00.0313 4968 usbuhci - ok
18:07:00.0360 4968 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
18:07:00.0407 4968 usbvideo - ok
18:07:00.0422 4968 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
18:07:00.0594 4968 UxSms - ok
18:07:00.0625 4968 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
18:07:00.0656 4968 VaultSvc - ok
18:07:00.0687 4968 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:07:00.0719 4968 vdrvroot - ok
18:07:00.0765 4968 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
18:07:00.0890 4968 vds - ok
18:07:00.0921 4968 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:07:00.0968 4968 vga - ok
18:07:00.0999 4968 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
18:07:01.0093 4968 VgaSave - ok
18:07:01.0124 4968 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:07:01.0171 4968 vhdmp - ok
18:07:01.0171 4968 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
18:07:01.0202 4968 viaide - ok
18:07:01.0249 4968 [ A886FA72EED1164D91527387DBEE2E02 ] visctap0901 C:\windows\system32\DRIVERS\visctap0901.sys
18:07:01.0280 4968 visctap0901 - ok
18:07:01.0327 4968 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:07:01.0358 4968 volmgr - ok
18:07:01.0374 4968 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:07:01.0421 4968 volmgrx - ok
18:07:01.0452 4968 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
18:07:01.0483 4968 volsnap - ok
18:07:01.0514 4968 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
18:07:01.0561 4968 vsmraid - ok
18:07:01.0623 4968 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
18:07:01.0779 4968 VSS - ok
18:07:01.0795 4968 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
18:07:01.0842 4968 vwifibus - ok
18:07:01.0935 4968 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
18:07:01.0982 4968 vwififlt - ok
18:07:01.0998 4968 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
18:07:02.0045 4968 vwifimp - ok
18:07:02.0091 4968 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
18:07:02.0201 4968 W32Time - ok
18:07:02.0232 4968 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
18:07:02.0279 4968 WacomPen - ok
18:07:02.0357 4968 [ C8E546516E0BF477DB2AFC46B1065786 ] wampapache c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe
18:07:02.0419 4968 wampapache ( UnsignedFile.Multi.Generic ) - warning
18:07:02.0419 4968 wampapache - detected UnsignedFile.Multi.Generic (1)
18:07:02.0481 4968 wampmysqld - ok
18:07:02.0544 4968 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:07:02.0684 4968 WANARP - ok
18:07:02.0700 4968 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:07:02.0793 4968 Wanarpv6 - ok
18:07:02.0887 4968 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
18:07:02.0965 4968 WatAdminSvc - ok
18:07:03.0027 4968 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
18:07:03.0152 4968 wbengine - ok
18:07:03.0230 4968 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:07:03.0277 4968 WbioSrvc - ok
18:07:03.0308 4968 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
18:07:03.0386 4968 wcncsvc - ok
18:07:03.0417 4968 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:07:03.0480 4968 WcsPlugInService - ok
18:07:03.0527 4968 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
18:07:03.0558 4968 Wd - ok
18:07:03.0589 4968 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:07:03.0651 4968 Wdf01000 - ok
18:07:03.0683 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
18:07:03.0807 4968 WdiServiceHost - ok
18:07:03.0807 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
18:07:08.0113 4968 ============================================================
18:07:08.0113 4968 Scan finished
18:07:08.0113 4968 ============================================================
18:07:08.0129 1592 Detected object count: 7
18:07:08.0129 1592 Actual detected object count: 7
18:07:57.0019 1592 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:57.0019 1592 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:07:57.0019 1592 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:57.0019 1592 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:07:57.0019 1592 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:57.0019 1592 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:07:57.0019 1592 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:57.0019 1592 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:07:57.0019 1592 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:57.0019 1592 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:07:57.0035 1592 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:57.0035 1592 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:07:57.0035 1592 wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:57.0035 1592 wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:04.0538 2688 Deinitialize success





GMER log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-29 18:40:04
Windows 6.1.7601 Service Pack 1
Running: 737uk422.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0015007f6c3b
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4ceb4204d3d1
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38d054a8
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0015007f6c3b (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4ceb4204d3d1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38d054a8 (not active ControlSet)

---- Files - GMER 1.0.15 ----


---- EOF - GMER 1.0.15 ----

Edited by WyffGoaL, 29 August 2012 - 04:46 AM.


#14
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Glad to hear that we have some progress.

I can't reinstall a fresh Chrome as it's attached with so many important things like Addon/extension and bookmarks that I have no backup with.


Actually, this is not a problem. We don't need to uninstall Chrome. You will do a Chrome update, so all your settings, addons and bookmarks will already be there. I've just tried it myself and all my settings were there after I installed the new version of Chrome.

But just in case something goes wrong, we will back up your profile with all addons and bookmarks. Please read This article on how to easily back up your Chrome profile.

After you back up your profile, download and install the new version of Chrome from Here.

As before, please let me know results.

#15
WyffGoaL

    Member

  • Topic Starter
  • 57 posts
Hey maliprog,

You know what? FireFox and Chrome are working perfectly now after the reinstall. Thank you so much!

Anyway, do you know what the actual problem is that is causing this behavior?

So is my PC actually infected by Viruses/Malwares?


I'm looking forward to your answer.

Thanks once again!

Cheers.





