Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

services.exe.mui - prefer maliprog to finish this

Started by howdydodah , Oct 06 2012 06:01 AM

  • Please log in to reply

#1
howdydodah
Posted 06 October 2012 - 06:01 AM

howdydodah

    New Member

  • Member
  • Pip
  • 4 posts
I was playing a computer game and it crashed I looked up the processes and saw services.exe so i searched "c:\windows\system32\" and found 3 services : "services.exe(application), services.exe.mui, and services which i think thats for windows) so I searched google and found this website
http://www.geekstogo...edirect-issues/
so I followed the steps here and downloaded OTL pasted this under custom scan/fixes
-------
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
services.*
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
-----

Edited by howdydodah, 06 October 2012 - 08:26 AM.

  • 0

Advertisements

#2
howdydodah
Posted 06 October 2012 - 06:06 AM

howdydodah

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Here are the notes for OTL

---------

OTL logfile created on: 10/6/2012 6:23:09 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ALEDAN\Documents\apps\softwares\antivirus
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00003409 | Country: Philippines | Language: ENP | Date Format: M/d/yyyy

3.41 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 61.42% Memory free
6.82 Gb Paging File | 4.71 Gb Available in Paging File | 69.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.66 Gb Total Space | 38.68 Gb Free Space | 8.31% Space Free | Partition Type: NTFS

Computer Name: ALEDAN-PC | User Name: ALEDAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/06 18:20:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ALEDAN\My Documents\apps\softwares\antivirus\OTL.exe
PRC - [2012/10/05 23:47:59 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2012/10/03 17:11:54 | 001,266,232 | ---- | M] (Soluto) -- C:\Program Files\Soluto\Soluto.exe
PRC - [2012/10/03 17:11:54 | 000,604,216 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2012/09/21 21:27:24 | 000,895,376 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012/09/12 17:25:22 | 000,280,088 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/09/11 12:42:20 | 000,175,976 | ---- | M] (Ginger Software) -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
PRC - [2012/09/11 12:41:58 | 001,266,536 | ---- | M] (Ginger Software) -- C:\Program Files\Ginger\GingerServices\GingerServices.exe
PRC - [2012/08/05 06:58:34 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2012/07/25 14:54:06 | 000,092,360 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe
PRC - [2012/01/05 03:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/12/16 12:37:30 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/12/16 12:37:26 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/12/16 12:37:18 | 000,128,280 | R--- | M] () -- C:\Program Files\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2011/12/16 12:37:10 | 000,161,560 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/12/08 16:32:50 | 000,423,136 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011/08/04 12:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
PRC - [2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 20:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/05 23:47:58 | 020,317,008 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2012/10/05 23:47:56 | 001,099,616 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012/10/05 23:47:56 | 000,902,480 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012/10/05 23:47:56 | 000,190,816 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/10/05 23:47:56 | 000,123,232 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012/10/05 15:11:24 | 000,656,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\79cafa175250fe23f250c49b1c658a2f\PCGPostBootResources.ni.dll
MOD - [2012/10/05 15:11:24 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\718efe1eb9393d9593bf1e0144b8f7c6\PCGHIDProbe.ni.dll
MOD - [2012/10/05 15:11:23 | 002,327,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\91e06f506baa7e67a190d8432e6862ac\Community.CsharpSqlite.ni.dll
MOD - [2012/10/05 15:11:23 | 000,045,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\53f53896744f58d8aa71f644882a3cdb\PCGRSPProbe.ni.dll
MOD - [2012/10/05 15:11:22 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\954ccc8ed26ad8042da0355a57f55cd1\PCGWuInfo.ni.dll
MOD - [2012/10/05 15:11:22 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\74e83e6971b33297784e96362694dfe0\Interop.IWshRuntimeLibrary.ni.dll
MOD - [2012/10/05 15:11:21 | 000,176,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\9317c819e6468e24e6c7d95a593da23d\PCGAppControlPluginLoader.ni.dll
MOD - [2012/10/05 15:11:21 | 000,067,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\4793c6d3d5dcf26fe73e6f1747409cd8\PCGUsersCenter.ni.dll
MOD - [2012/10/05 15:11:20 | 004,291,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\2eed2f7c3090fb453dde3998dc60f4de\PCGClientCommon.ni.dll
MOD - [2012/10/05 15:11:18 | 000,259,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\1b561ef15ca43391ed9ef488ef58db32\PCGDriverProbe.ni.dll
MOD - [2012/10/05 15:11:18 | 000,198,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\2a450b8a0eb6996e98e70d876cd0b79f\PCGBootVisualizingCommon.ni.dll
MOD - [2012/10/05 15:11:17 | 000,068,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\c18bd4cde33b9716d569da26da44de34\PCGConfiguration.ni.dll
MOD - [2012/10/05 15:11:16 | 003,939,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\a775736257e1bff8de2f7565508d56c2\PCGDatabase.ni.dll
MOD - [2012/10/05 15:11:14 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\0d8dbe19a248042ae4d89aa2a52b06fa\PCGAzureEntityFramework.ni.dll
MOD - [2012/10/05 15:11:13 | 001,515,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\5df5a5794a91bd479b27561c5a278084\PCGAzureShared.ni.dll
MOD - [2012/10/05 15:11:13 | 001,303,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\3a578b7e23def94fc468b5c063fb9fa1\PCGCommunication.ni.dll
MOD - [2012/10/05 15:11:10 | 002,845,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\cdd82149cdd787b1a3269ca4543b3ee3\PCGPreCompiled.ni.dll
MOD - [2012/10/05 15:11:09 | 000,259,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\e55c4f4cc1d3d0b72c6a4916b92ea413\PCGPrestoSerializer.ni.dll
MOD - [2012/10/05 15:11:08 | 000,596,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\7ad181a648d9254a6b78f68983e90b62\Ionic.Zip.Reduced.ni.dll
MOD - [2012/10/05 15:11:05 | 002,128,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\00d4d6fe5f3231cc79bbce7450ab058c\Newtonsoft.Json.Net35.ni.dll
MOD - [2012/10/05 15:11:03 | 002,798,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\f72a47d03ad26c6760321c762e0ad919\PCGFramework.ni.dll
MOD - [2012/10/05 15:11:01 | 001,725,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\79964986e8463b367ac4791a06e0389d\Soluto.ni.exe
MOD - [2012/09/25 17:42:58 | 000,460,312 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012/09/25 17:42:57 | 012,278,808 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
MOD - [2012/09/25 17:42:55 | 004,005,912 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012/09/25 17:41:39 | 000,578,072 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012/09/25 17:41:38 | 000,123,416 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012/09/25 17:41:27 | 000,156,712 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012/09/25 17:41:26 | 000,275,496 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012/09/25 17:41:24 | 002,168,360 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012/08/15 22:29:49 | 002,516,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\2fe1658f05b0a96fe25c956a31d27b06\System.Data.Linq.ni.dll
MOD - [2012/08/15 22:27:16 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/08/15 11:33:14 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012/08/15 11:33:08 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/08/15 11:32:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/08/15 11:32:34 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/08/15 11:32:12 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/08/15 11:32:07 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/08/15 11:32:06 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/08/15 11:31:56 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/07/25 14:54:06 | 000,090,824 | ---- | M] () -- C:\Windows\System32\EasyHook32.dll
MOD - [2011/12/15 14:34:34 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2012/10/05 23:47:59 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/03 17:11:54 | 000,604,216 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2012/09/26 01:28:44 | 000,666,720 | ---- | M] (Wellbia.com Co., Ltd.) [Disabled | Stopped] -- C:\Windows\System32\xsherlock.xem -- (xsherlock)
SRV - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/11 12:42:20 | 000,175,976 | ---- | M] (Ginger Software) [Auto | Running] -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe -- (GingerUpdateService)
SRV - [2012/08/02 14:57:06 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/07/30 12:02:10 | 000,018,360 | ---- | M] (Overwolf Ltd) [Disabled | Stopped] -- C:\Program Files\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2012/07/28 04:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/05/09 03:51:02 | 004,629,080 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2012/03/19 23:44:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011/12/16 12:37:30 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/12/16 12:37:26 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/16 12:37:18 | 000,128,280 | R--- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011/12/16 12:37:10 | 000,161,560 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/12/12 14:07:00 | 000,793,048 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011/12/08 16:32:50 | 000,423,136 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2011/08/04 12:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\vtany.sys -- (vtany)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - [2012/10/06 18:01:35 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F9FA094-5002-45CA-8014-17A07401D61F}\MpKsl71735bbb.sys -- (MpKsl71735bbb)
DRV - [2012/10/03 17:08:36 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto)
DRV - [2012/09/13 12:53:38 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121004.020\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/09/13 12:53:38 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121004.020\NAVENG.SYS -- (NAVENG)
DRV - [2012/09/06 04:54:30 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121004.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/09/01 06:09:14 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20120928.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/08/30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/08/13 01:33:27 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/13 01:33:27 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/07/26 07:31:44 | 000,281,344 | ---- | M] (D-vitec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dvitdcnt.sys -- (D-Vitec)
DRV - [2012/07/25 04:11:54 | 000,035,560 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\hssdrv6.sys -- (HssDRV6)
DRV - [2012/07/25 04:11:50 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2012/07/19 17:38:52 | 000,113,104 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012/07/02 17:35:27 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/01/05 03:58:50 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV - [2012/01/05 03:58:50 | 000,347,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3hub.sys -- (iusb3hub)
DRV - [2012/01/05 03:58:50 | 000,013,592 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV - [2011/12/06 03:22:00 | 000,280,576 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2011/11/10 00:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2011/10/24 05:39:40 | 000,278,528 | ---- | M] (AVEO) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVEOdcnt.sys -- (AVEO)
DRV - [2011/08/22 10:53:36 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\symtdiv.sys -- (SYMTDIv)
DRV - [2011/08/22 10:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\symefa.sys -- (SymEFA)
DRV - [2011/08/04 12:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\cchpx86.sys -- (ccHP)
DRV - [2011/05/31 16:14:56 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Game\SoftnyxGame\RakionIS\Bin\apf001.sys -- (apf001)
DRV - [2011/01/06 20:10:22 | 000,021,624 | ---- | M] (Elitegroup Computer System Co., Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\EZCharger.sys -- (EZCharger)
DRV - [2010/11/20 20:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 20:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 20:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 18:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 18:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 17:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 17:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 17:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010/04/29 13:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\ironx86.sys -- (SymIRON)
DRV - [2010/04/22 10:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\srtsp.sys -- (SRTSP)
DRV - [2010/04/22 10:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\srtspx.sys -- (SRTSPX)
DRV - [2009/12/01 20:42:32 | 000,014,528 | ---- | M] (Elitegroup Computer Systems) [Kernel | On_Demand | Stopped] -- C:\Program Files\ECS Motherboard Utility\eBLU\ECSIoDriver.sys -- (ECSIoDriver_1_1_0_0)
DRV - [2009/10/15 11:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\symds.sys -- (SymDS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpr...5-585190BD59FC}
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {E627DC4B-8C04-4234-A2D4-1D634EE01C41}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3072253
IE - HKLM\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpr...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...OIE9MSE&PC=UP09
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.../?pid=%s&aid=%s
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ph
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B1 D8 62 F1 32 67 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKCU\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan...s={searchTerms}
IE - HKCU\..\SearchScopes\{4FF22553-DC11-4C25-95EC-9267593001D4}: "URL" = http://search.condui...&ctid=CT3220468
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpr...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SpeedBit Search"
FF - prefs.js..browser.search.defaulturl: "http://home.speedbit...x?s=C7Pa206&q="
FF - prefs.js..browser.search.order.1: "SpeedBit Search"
FF - prefs.js..browser.search.selectedEngine: "SpeedBit Search"
FF - prefs.js..browser.startup.homepage: "http://home.speedbit...?pid=%s&aid=%s"
FF - prefs.js..extensions.enabledAddons: [email protected]:0.1
FF - prefs.js..keyword.URL: "http://home.speedbit...x?s=C7Pa206&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@qq.com/npqscall: C:\Program Files\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
FF - HKLM\Software\MozillaPlugins\@qq.com/TXSSO: C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\ALEDAN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ALEDAN\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ALEDAN\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ALEDAN\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ALEDAN\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2012/08/07 17:31:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2012/10/06 17:04:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/21 15:31:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DAP\daplinkchecker [2012/07/25 14:55:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]:
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/10 00:37:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/09/10 00:38:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Extensions
[2012/08/01 13:52:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\extensions
[2012/08/01 13:52:22 | 000,000,000 | ---D | M] (uTorrentControl3) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\extensions\{46a3135d-3683-48cf-b94c-82655cbc0e8a}
[2012/07/21 19:06:44 | 000,000,000 | ---D | M] (uTorrentControl2) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/09/28 20:05:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\Profiles\9hen101w.default\extensions
[2012/09/25 18:13:00 | 000,002,534 | ---- | M] () -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\Profiles\9hen101w.default\searchplugins\speedbit.xml
[2012/09/21 20:35:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/21 20:35:21 | 000,000,000 | ---D | M] ("Ginger") -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/09/06 09:27:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/06 09:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/06 09:26:22 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://home.speedbit.com/?s=C7Pa205
CHR - default_search_provider: Speedbit (Enabled)
CHR - default_search_provider: search_url = http://home.speedbit...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.searchpre...d={searchTerms}
CHR - homepage: http://home.speedbit.com/?s=C7Pa205
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\ALEDAN\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: DAP Link Checker = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh\1.0.0.9_0\
CHR - Extension: Google Search = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.15.10_0\
CHR - Extension: uTorrentControl3 = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoadpabahabkmdndndlimfikephnoka\2.3.15.10_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.10_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: TopLine = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkoifoocjggkggkbdlpcpbbibjlddjem\3.8_0\
CHR - Extension: Skype Click to Call = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\
CHR - Extension: Ginger = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nacnicbpedmjfagkdhpmbpjlgcgcekka\2.7.60_0\
CHR - Extension: uTorrentControl2 = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\
CHR - Extension: Gmail = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/15 01:58:17 | 000,000,892 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Ginger Grammar & Spell Checker) - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files\Ginger\GingerIEAddin\adxloader.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Do Not Track Plus) - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files\DoNotTrackPlus\IE\DNTPAddon.dll (Abine)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {60EACC1A-33FA-443D-9846-17B28E2C9BDB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Do Not Track Plus © Abine - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files\DoNotTrackPlus\IE\DNTPAddon.dll (Abine)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} https://www.e-games....GamesPlugin.cab (EGamesPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{706F3B43-3E11-4922-BAC4-799EF0C4F723}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Overwolf\SKYPE4~2.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/06 18:24:01 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\ALEDAN\Desktop\tdsskiller.exe
[2012/10/06 08:17:12 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\{B965A7D3-15B2-4492-B32E-27B023564DCD}
[2012/10/05 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\DoNotTrackPlus
[2012/10/05 20:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\DoNotTrackPlus
[2012/10/05 15:09:23 | 000,051,144 | ---- | C] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2012/10/05 15:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
[2012/10/05 15:09:19 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2012/10/05 15:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
[2012/10/05 11:23:36 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Desktop\MEMBER'S DATA FORM (MDF) PRINT (NO. 912279048342)_files
[2012/10/03 16:01:00 | 000,000,000 | ---D | C] -- C:\VivoxLogs
[2012/10/03 03:38:24 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Solid State Networks
[2012/10/03 03:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\MeteorEntertainment
[2012/10/03 03:37:40 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Meteor Entertainment
[2012/10/01 10:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012/10/01 10:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2012/10/01 00:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\xC-CS1.6
[2012/09/30 01:19:21 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Aeria Games
[2012/09/30 01:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2012/09/30 01:09:58 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2012/09/30 01:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2012/09/30 01:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\Aeria Games
[2012/09/28 11:20:07 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Desktop\RAPRAP.COM
[2012/09/27 18:11:53 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Akamai
[2012/09/27 18:11:47 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012/09/26 16:26:45 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Desktop\warkey
[2012/09/25 17:09:00 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Documents\StarCraft II
[2012/09/25 17:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012/09/25 17:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2012/09/25 17:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012/09/22 13:02:58 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/09/22 04:37:40 | 000,000,000 | ---D | C] -- C:\MoTemp
[2012/09/21 21:28:05 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentControl_v2
[2012/09/21 20:35:39 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\Acapela Group
[2012/09/21 20:35:10 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Documents\Add-in Express
[2012/09/21 20:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ginger
[2012/09/21 20:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Ginger
[2012/09/19 00:18:51 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\{AA1647C1-CA24-4A22-9B51-4DC778209879}
[2012/09/14 21:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2012/09/13 21:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012/09/13 21:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2012/09/13 21:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2012/09/13 21:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/09/13 21:35:14 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012/09/13 20:44:31 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\Registry Mechanic
[2012/09/13 16:20:46 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox210.ocx
[2012/09/13 16:20:46 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox10.ocx
[2012/09/13 16:20:46 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBoxVB12.ocx
[2012/09/13 16:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Registry Mechanic
[2012/09/13 16:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012/09/13 16:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Registry Mechanic
[2012/09/13 16:17:32 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2012/09/11 20:06:27 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012/09/11 20:06:18 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\SystemRequirementsLab
[2012/09/11 11:15:06 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\Tific
[2012/09/11 11:15:05 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Symantec
[2012/09/10 16:25:05 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Macromedia
[2012/09/10 00:38:16 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Mozilla
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/06 18:25:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2482327023-763593763-3706321181-1000UA.job
[2012/10/06 18:24:28 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\ALEDAN\Desktop\tdsskiller.exe
[2012/10/06 18:09:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/06 18:09:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/06 17:42:04 | 000,664,000 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/06 17:42:04 | 000,124,736 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/06 17:09:28 | 000,021,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/06 17:09:28 | 000,021,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/06 17:03:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/06 17:03:33 | 2744,885,248 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/06 12:53:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2482327023-763593763-3706321181-1000UA.job
[2012/10/05 21:53:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2482327023-763593763-3706321181-1000Core.job
[2012/10/05 19:25:08 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2482327023-763593763-3706321181-1000Core.job
[2012/10/05 15:09:59 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/10/05 11:23:36 | 000,118,975 | ---- | M] () -- C:\Users\ALEDAN\Desktop\MEMBER'S DATA FORM (MDF) PRINT (NO. 912279048342).htm
[2012/10/04 21:24:06 | 000,614,400 | ---- | M] () -- C:\Windows\System32\Image20.dat
[2012/10/03 17:08:36 | 000,051,144 | ---- | M] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2012/10/02 23:51:27 | 000,316,413 | ---- | M] () -- C:\Users\ALEDAN\Desktop\the_lord_of_the_rings.jpg
[2012/10/01 08:30:38 | 000,007,604 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\resmon.resmoncfg
[2012/10/01 00:51:12 | 000,001,923 | ---- | M] () -- C:\Users\ALEDAN\Desktop\xCounter-Strike1.6.lnk
[2012/09/30 01:15:04 | 000,001,647 | ---- | M] () -- C:\Users\ALEDAN\Desktop\Shaiya.lnk
[2012/09/30 01:09:58 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2012/09/28 16:27:43 | 000,002,450 | ---- | M] () -- C:\Users\ALEDAN\Desktop\Google Chrome.lnk
[2012/09/27 16:24:17 | 000,045,270 | ---- | M] () -- C:\Users\ALEDAN\AppData\Roaming\room_v3.dat
[2012/09/27 02:01:25 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/09/26 02:40:07 | 000,001,488 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2012/09/26 01:28:44 | 000,666,720 | ---- | M] (Wellbia.com Co., Ltd.) -- C:\Windows\System32\xsherlock.xem
[2012/09/25 17:19:36 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012/09/21 20:35:02 | 000,003,021 | ---- | M] () -- C:\Users\Public\Desktop\Ginger.lnk
[2012/09/19 20:49:47 | 000,125,521 | ---- | M] () -- C:\Users\ALEDAN\Desktop\SevenDwarfs.jpg
[2012/09/19 20:42:29 | 000,018,014 | ---- | M] () -- C:\Users\ALEDAN\Desktop\grumpy.jpg
[2012/09/19 20:41:43 | 000,017,299 | ---- | M] () -- C:\Users\ALEDAN\Desktop\dopey.jpg
[2012/09/19 20:35:19 | 000,038,819 | ---- | M] () -- C:\Users\ALEDAN\Desktop\snow.jpg
[2012/09/16 01:34:56 | 000,003,222 | ---- | M] () -- C:\Users\ALEDAN\Desktop\PlantsVsZombies - Shortcut.lnk
[2012/09/15 01:58:17 | 000,000,892 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/09/13 21:35:23 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/09/13 21:35:23 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/09/13 21:22:19 | 000,001,419 | ---- | M] () -- C:\Users\ALEDAN\Desktop\dnlauncher - Shortcut.lnk
[2012/09/13 18:54:47 | 008,233,123 | ---- | M] () -- C:\Users\ALEDAN\Documents\Volcanoes - Andreas Moe.mp3
[2012/09/13 16:31:27 | 005,311,898 | ---- | M] () -- C:\Users\ALEDAN\Documents\Laura Marling - New Romantic cover.mp3
[2012/09/13 16:24:20 | 024,654,128 | ---- | M] () -- C:\Users\ALEDAN\Documents\Laura Marling - New Romantic cover.flv
[2012/09/13 16:20:47 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/09/12 02:05:39 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/10 00:37:56 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/05 15:09:59 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/10/05 11:23:35 | 000,118,975 | ---- | C] () -- C:\Users\ALEDAN\Desktop\MEMBER'S DATA FORM (MDF) PRINT (NO. 912279048342).htm
[2012/10/02 23:51:25 | 000,316,413 | ---- | C] () -- C:\Users\ALEDAN\Desktop\the_lord_of_the_rings.jpg
[2012/10/01 00:51:11 | 000,001,923 | ---- | C] () -- C:\Users\ALEDAN\Desktop\xCounter-Strike1.6.lnk
[2012/09/30 01:15:02 | 000,001,647 | ---- | C] () -- C:\Users\ALEDAN\Desktop\Shaiya.lnk
[2012/09/30 01:09:57 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2012/09/26 02:40:07 | 000,001,500 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
[2012/09/26 02:40:05 | 000,001,488 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2012/09/25 17:09:00 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012/09/21 20:35:01 | 000,003,021 | ---- | C] () -- C:\Users\Public\Desktop\Ginger.lnk
[2012/09/19 20:49:56 | 000,125,521 | ---- | C] () -- C:\Users\ALEDAN\Desktop\SevenDwarfs.jpg
[2012/09/19 20:42:36 | 000,018,014 | ---- | C] () -- C:\Users\ALEDAN\Desktop\grumpy.jpg
[2012/09/19 20:41:45 | 000,017,299 | ---- | C] () -- C:\Users\ALEDAN\Desktop\dopey.jpg
[2012/09/19 20:35:30 | 000,038,819 | ---- | C] () -- C:\Users\ALEDAN\Desktop\snow.jpg
[2012/09/14 21:51:32 | 000,003,222 | ---- | C] () -- C:\Users\ALEDAN\Desktop\PlantsVsZombies - Shortcut.lnk
[2012/09/13 21:35:23 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/09/13 21:35:23 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/09/13 21:35:17 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/09/13 21:22:19 | 000,001,419 | ---- | C] () -- C:\Users\ALEDAN\Desktop\dnlauncher - Shortcut.lnk
[2012/09/13 18:54:42 | 008,233,123 | ---- | C] () -- C:\Users\ALEDAN\Documents\Volcanoes - Andreas Moe.mp3
[2012/09/13 18:54:23 | 006,213,711 | ---- | C] () -- C:\Users\ALEDAN\Desktop\Volcanoes - Andreas Moe.3gp
[2012/09/13 16:31:22 | 005,311,898 | ---- | C] () -- C:\Users\ALEDAN\Documents\Laura Marling - New Romantic cover.mp3
[2012/09/13 16:20:47 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/09/13 16:20:46 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2012/09/13 16:18:23 | 024,654,128 | ---- | C] () -- C:\Users\ALEDAN\Documents\Laura Marling - New Romantic cover.flv
[2012/09/12 02:05:39 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/12 02:05:38 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/11 18:10:42 | 000,007,604 | ---- | C] () -- C:\Users\ALEDAN\AppData\Local\resmon.resmoncfg
[2012/09/10 00:37:55 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/09/10 00:37:50 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/09/05 11:50:16 | 000,045,270 | ---- | C] () -- C:\Users\ALEDAN\AppData\Roaming\room_v3.dat
[2012/08/22 15:14:58 | 000,018,760 | ---- | C] () -- C:\Windows\System32\QQVistaHelper.dll
[2012/08/13 13:54:24 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/08/13 13:52:50 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/08/11 00:16:54 | 000,000,045 | ---- | C] () -- C:\Users\ALEDAN\jagex_cl_runescape_LIVE.dat
[2012/08/11 00:16:54 | 000,000,024 | ---- | C] () -- C:\Users\ALEDAN\random.dat
[2012/08/09 14:55:04 | 000,000,440 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/08/04 23:06:28 | 000,012,920 | ---- | C] () -- C:\Windows\System32\apl001.sys
[2012/08/04 23:06:28 | 000,010,872 | ---- | C] () -- C:\Windows\System32\apf001.sys
[2012/08/02 12:14:20 | 000,000,560 | -H-- | C] () -- C:\ProgramData\common.data
[2012/08/02 12:14:17 | 000,016,384 | ---- | C] () -- C:\Users\ALEDAN\zpkn.exe.vir
[2012/08/02 05:33:48 | 000,003,584 | ---- | C] () -- C:\Users\ALEDAN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/28 02:47:17 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/07/28 02:47:17 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012/07/27 23:54:11 | 000,000,000 | ---- | C] () -- C:\ProgramData\49a6be40aade3672d522657b8bda1b38_c
[2012/07/25 14:54:59 | 000,109,256 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2012/07/25 14:54:59 | 000,090,824 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2012/07/25 14:47:58 | 000,000,024 | ---- | C] () -- C:\Users\ALEDAN\AppData\Roaming\MyPhrases.dta
[2012/07/24 17:40:24 | 000,614,400 | ---- | C] () -- C:\Windows\System32\Image20.dat
[2012/07/24 16:56:29 | 000,028,672 | ---- | C] () -- C:\Windows\System32\MFC_InstDrvDLL.dll
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zzmbkjttcv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zyadeizbstq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zvxuplfqaiv.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zmulmsalvp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zmpm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zlvlgaoro.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zhbezzk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zgtn.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zbu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yztg.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ywcotf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yruogei.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yqwnxmuqkr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ynbpico.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yft.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yfguqg.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yfddtyco.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yeqc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ybcwdcj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xrjmwls.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xratz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xnrwoffi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xkiazoygsu.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xitroqxj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\xibfo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xhxj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xhliavnncf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xhi.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xhepiahgu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xei.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xdu.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xbwudob.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xbeumyws.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xabxrnwognq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wztapis.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wvpmojcpagc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wvmaql.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wuienx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wtkvqxla.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wmcwjfwebcg.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wmaeoulj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wjjkwjxof.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wjd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wgfzxqxc.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vwx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vwvpxtf.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vuzy.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vtccpjjxhbl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vpymgh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vky.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vhgdwwy.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vexcv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vekhfmquvd.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uvhkeoo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uuknvmo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\upqsk.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ujupkolaxz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uilhoi.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uhgxcxne.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ugh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\udixx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ubomomrwsdk.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uaqqwmjt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tubh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tttpgilubhz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tmksiwyo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tjerrruiu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tixbprzs.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tgysztaa.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tgp.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tcu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\szanch.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\swrosmstc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\swmx.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\svh.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\surl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sthnpbr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\srt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sqrvkkbktxz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sntlrnm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\slfzi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\skjqlknoa.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\skcx.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sjzadmi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sfsz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rzuc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rvitifkhda.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ruwy.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rumiqlhw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rtsquze.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rpz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\rnni.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rnaxcorvnpm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rmkgnn.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\riffaw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rifbww.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rhw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rfbddh.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\refyhravcw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rckntimj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rbou.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qzegqoobxiy.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qxbus.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qttwzyei.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qsopsnklrnj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qrpcq.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qqqt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qqqewpfdl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qpghwlpi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qnretzig.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qheefqe.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\qgqkumwr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qbdvroefxtf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\pxluctu.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pvsbacopgo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\puxozpwjj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ptfcgaof.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\psxulyb.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\psuezqksw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pqognjycvt.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pqjjgvrcrr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pplmagu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pjtdqi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\phcioojd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pefaimbebk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pedcjlq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pcpmvigyknw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pclkwlz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pathdekgnl.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\oxxpcqneqfk.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ousspnt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\otvbczqzr.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\otorwgb.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\oofzxmm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\oofsbkfk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ooaomuyhvz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\onuhfaqdr.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\olhdsirhbjm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\olcfhmx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\okbzdweogsf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\oicryjbsxhd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ogn.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ogknbwh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ocduhsoaeky.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ntpp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\npuailglpt.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\netcd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ndpxrjvfik.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\narceunvfsr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mxdvmytw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mwzhlh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mwuwz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mvhxlyyr.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mpuqpwyjjoe.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mlfml.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\minowwpnhw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mhymnl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mhefcltipun.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mflohpswrxl.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mcrrrdylbyb.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mbufohzbd.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mbpbf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\maynwlp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lxjydaq.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lwcnbd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lvzw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lvjfqnrfy.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lqya.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lnm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lmkwvtfa.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\liif.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lhlcj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lffhqjpt.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ldna.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ktkvvqws.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\kragnbr.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kppamcnflm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kokjkgnayl.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\knk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kkrk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kjvzwobzke.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kgqeevfnt.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kfkegdfzsmf.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kblu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kaddzumq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jxqxva.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jvpytddxshm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jvanbm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jscxtijpp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jecbuzopv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jazdltqdat.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ixrmyzmuf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ivz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\itshnv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ithugwck.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\isnvgwxvzx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\imisiwl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ilppyukvb.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ikvd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ifvbafbi.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\iduxw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ict.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ibqvywo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hxpuo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hxokmtz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hulemjbpzih.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\htzs.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\htubwk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hrfumedgw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hqwxnfwmq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hoboh.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hmzimwaq.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hiushfclfla.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hhxjfatux.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hgu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hgdxppghmnp.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hfaptb.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hbqnkzjqm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gzswrdxw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gxveh.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gxiglgpq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gwegf.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gswxesatox.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gksspjwk.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gjrxn.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\giemuzl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ghdvcccqxcv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ggjxmqh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gecrm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gcgii.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gbx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fzzu.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fyvyvw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fqat.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fnyj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fnxe.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fmlgoxxnn.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fkuuzbgv.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fhagevihj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\fas.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ezafudvoiyt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\err.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\epuzw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ehe.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\egskehx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\eewo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\eesejbzog.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\edsljcdivuy.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\ecisfvuhpa.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dxrnzku.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dqajfj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dmuuqmc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dmtlsnues.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dkfd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\djzobvavx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dgppwo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dgckkqqq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dfswulgomz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\detwvkklv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\defhdp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ctxnogspj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cqbt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cntaml.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\civwzqm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cfclssx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cdntf.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cbqynozbpo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cbgvboorrjj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bzyz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\byoqvakieh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bxqecmpfn.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bulcyfilrrd.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bsxkwl.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bsmobir.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\blxcchdo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\betjex.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\baxqskha.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\azuxhafgo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ayyyufnvi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\auemdu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\aso.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\arembuqqlhl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\apluecjxljh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\akjgqsepny.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ajnzyssdz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ajfm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\aesvs.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\aclcvmx.ini
[2012/07/12 20:07:00 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Techno Kit
[2012/07/12 20:07:00 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Tables
[2012/07/12 20:07:00 | 000,000,268 | RH-- | C] () -- C:\Users\ALEDAN\AppData\Roaming\Synth Textures
[2012/07/12 20:07:00 | 000,000,268 | RH-- | C] () -- C:\Users\ALEDAN\AppData\Roaming\Synth Pads
[2012/07/12 20:07:00 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/07/12 20:07:00 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/07/12 20:06:59 | 000,000,268 | RH-- | C] () -- C:\ProgramData\SystemConfiguration
[2012/07/12 20:06:59 | 000,000,268 | RH-- | C] () -- C:\Users\ALEDAN\AppData\Roaming\Synth Leads
[2012/07/12 20:06:59 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/06/27 15:41:53 | 000,196,676 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012/06/27 14:05:33 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012/06/27 14:05:04 | 000,015,128 | R--- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012/06/27 14:03:42 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012/06/27 14:03:42 | 000,000,264 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/03/19 23:37:12 | 000,755,188 | ---- | C] () -- C:\Windows\System32\igkrng700.bin
[2012/03/19 23:37:12 | 000,561,508 | ---- | C] () -- C:\Windows\System32\igfcg700m.bin
[2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012/03/19 22:23:38 | 013,024,256 | ---- | C] () -- C:\Windows\System32\ig7icd32.dll
[2012/03/19 22:11:22 | 000,009,216 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011/12/08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/14 12:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 09:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/21 20:35:39 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Acapela Group
[2012/08/02 15:11:54 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Autodesk
[2012/08/04 08:47:04 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Babylon
[2012/08/06 16:39:47 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Canon
[2012/07/19 21:11:06 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\fltk.org
[2012/09/28 11:31:54 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\GarenaPlus
[2012/06/27 16:59:42 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Kalypso Media
[2012/08/02 15:52:38 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Lionhead Studios
[2012/08/04 08:49:21 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\OpenCandy
[2012/09/13 20:44:31 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Registry Mechanic
[2012/07/18 13:43:12 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Rovio
[2012/09/11 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\SystemRequirementsLab
[2012/08/22 15:18:02 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Tencent
[2012/07/03 20:32:50 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\TERMINAL Studio
[2012/09/11 11:15:06 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Tific
[2012/07/02 09:42:12 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\TypingMaster7
[2012/08/02 13:15:42 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\updates
[2012/10/06 18:30:42 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\uTorrent
[2012/07/30 22:23:15 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Windows Live Writer
[2012/08/02 13:15:54 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\x2pvgb1qvzsknqjetrqkifgdigi3hgwh2

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 13:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 13:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 13:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 13:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 20:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 13:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 13:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 14:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SERVICES >
[2012/07/26 18:34:12 | 000,017,588 | ---- | M] () MD5=83CDF27DD50F7623AB8D3D876D89487A -- C:\Windows\System32\drivers\etc\services
[2009/06/11 05:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

< MD5 for: SERVICES.CFG >
[2012/07/28 04:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/14 09:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 09:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/14 10:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/14 10:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/14 12:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 12:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/11 05:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/11 05:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/14 10:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/11 05:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/14 10:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/11 05:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/14 04:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/14 04:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

< MD5 for: SERVICES.SETTINGS >
[2012/07/03 09:15:28 | 000,001,622 | ---- | M] () MD5=488D8CC923D82E3FADA846EF9587A289 -- C:\Users\ALEDAN\.netbeans\7.1.2\config\Windows2Local\Components\services.settings

< MD5 for: SERVICES.WSTCGRP >
[2012/07/03 09:15:29 | 000,000,225 | ---- | M] () MD5=E4AD31A486D75BC449F02775904D2430 -- C:\Users\ALEDAN\.netbeans\7.1.2\config\Windows2Local\Groups\InitialLayout\services.wstcgrp
[2012/07/03 09:15:29 | 000,000,225 | ---- | M] () MD5=E4AD31A486D75BC449F02775904D2430 -- C:\Users\ALEDAN\.netbeans\7.1.2\config\Windows2Local\Groups\OpenedProjects\services.wstcgrp

< MD5 for: SERVICES.WSTCREF >
[2012/07/03 09:15:29 | 000,000,178 | ---- | M] () MD5=B7364346EA621263FFE51C6E9579C3CF -- C:\Users\ALEDAN\.netbeans\7.1.2\config\Windows2Local\Modes\leftSlidingSide\services.wstcref

< MD5 for: SVCHOST.EXE >
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 20:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 20:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 09:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 14:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 13:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 20:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 20:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 09:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:862BDB1A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:CB0AACC9
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:A1EDB939
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:56E2E879
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >


---------
  • 0

#3
howdydodah
Posted 06 October 2012 - 06:08 AM

howdydodah

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
this is for Extras notes for OTL:

---------

OTL Extras logfile created on: 10/6/2012 6:23:09 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ALEDAN\Documents\apps\softwares\antivirus
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00003409 | Country: Philippines | Language: ENP | Date Format: M/d/yyyy

3.41 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 61.42% Memory free
6.82 Gb Paging File | 4.71 Gb Available in Paging File | 69.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.66 Gb Total Space | 38.68 Gb Free Space | 8.31% Space Free | Partition Type: NTFS

Computer Name: ALEDAN-PC | User Name: ALEDAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SPEEDbitVideoConverter] -- "C:\Program Files\SPEEDbit Video Downloader\Converter.exe" -convert=%1
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F81F997-1D3C-4A30-B549-A381C66C1453}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{19A64EA5-7684-472F-BB6B-EAA75DF4447D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{323EEB35-6767-4386-9DF2-1B75A69DD380}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{341632AB-843E-4B2E-A811-1413F8760F07}" = lport=139 | protocol=6 | dir=in | app=system |
"{38285DB2-E501-4281-9B20-C07B0E508A50}" = rport=137 | protocol=17 | dir=out | app=system |
"{42024358-9171-46D4-9118-632FDE2161EB}" = lport=138 | protocol=17 | dir=in | app=system |
"{7CC3399A-1C7A-48E5-AD40-FA806ABB368B}" = rport=139 | protocol=6 | dir=out | app=system |
"{7E1F9988-61AF-4892-B018-CED0998CF446}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{96F0A10B-12CF-4324-ADD7-37CEBD780F78}" = rport=445 | protocol=6 | dir=out | app=system |
"{AC76F6B7-E8CD-4BBB-A329-06D35FCF449F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{BC30F7A9-CC9E-450B-8599-CC6C0577DD6E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{C870ED00-28FA-4824-B7D1-A06E8FDE24B2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C9D2FCA8-DA47-4668-A0B3-8EF3B435B0AF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB154548-3331-453D-A12F-DC2488BBE732}" = rport=138 | protocol=17 | dir=out | app=system |
"{D0C8D456-90D0-4D59-9B8A-1B1F3071DA1B}" = lport=137 | protocol=17 | dir=in | app=system |
"{E2E593B4-71DD-453D-BED5-7EE92F5772FA}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E153B6-97C8-4802-BF42-A74B493D2AB3}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{04831072-079A-4918-83C2-8BCC2A4FF59A}" = protocol=6 | dir=in | app=c:\program files\tencent\qqintl\bin\auclt.exe |
"{0BBB80D8-4365-4439-98B6-35F5B4DB5629}" = protocol=17 | dir=in | app=c:\program files\tencent\qqintl\bin\qq.exe |
"{0D674037-4DC6-4560-95E2-C725665A542E}" = dir=in | app=c:\users\aledan\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{10A1AD2B-DEF1-4DB9-9EC0-3A0962D04866}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{1AF22E5A-18CA-441C-9DEC-127E702C8323}" = protocol=6 | dir=in | app=c:\users\aledan\downloads\solutoinstaller-_wb6x4gsf7h9.exe |
"{1BCEF63B-024C-4C68-9B74-8CE318A0D7C5}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe |
"{208F604E-890F-4982-8F88-98AFCDC66EF4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{21ABC1D0-377B-4C0E-A23F-56C3C90A532F}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{22424B56-30B7-432C-AF20-9D75762EA468}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{24F174FB-B420-41F1-9F8D-2118BBB628AB}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{2C7DF306-B0BB-450B-8933-930E11454493}" = protocol=6 | dir=in | app=c:\program files\tencent\qqintl\bin\qq.exe |
"{3092799B-768F-4223-A454-EAC1E16E4C4F}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{30C43E9A-7401-459F-9579-D00DFFBB240B}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{3B99F365-F006-4470-90FA-627CDFA58429}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe |
"{3BAFEDE5-5861-4588-99E7-AE5BB7678D35}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{41210187-02CC-4043-AD6F-5EDF6806E0E7}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{44A1FD93-B575-4521-85B4-2AEFEC1CC50B}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe |
"{4766242C-CF0E-4228-B4C9-49EC95A74253}" = protocol=6 | dir=in | app=c:\program files\dragon nest\dragonnest.exe |
"{478AB194-89E8-4788-B2C0-8BF693CA48C6}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{4B7905BB-6A5A-4A76-AAEA-3B9CC4630562}" = protocol=17 | dir=in | app=c:\program files\tencent\qqintl\bin\auclt.exe |
"{4B9165F9-D629-497C-8A64-9E2E6CA9C380}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{4CBB60D8-D5D3-4DE0-B789-5F161E203444}" = protocol=6 | dir=in | app=c:\users\aledan\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{5321D619-5762-4CF9-9CC1-389F2E6F8A88}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{552D5536-9CB2-498F-9E20-AB837B7BE852}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{580AF101-9488-43C7-97CE-88671E664AD8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{58995706-C881-4AB2-BF2F-FC21C561825A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{60BCEC64-CB1F-4C45-A196-2C1AA4BE5F38}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{6135DCB0-5C5D-43B9-8CBE-5DC21651E0DD}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{6BEBAC62-1F54-4D4F-B419-01955077EF1E}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{6D203E23-9FFE-4C11-A959-41C89F4BEB4B}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe |
"{6F6E21B0-F758-46E5-A778-9D82EF5378A3}" = protocol=1 | dir=out | [email protected],-28544 |
"{757CB006-ADC9-492C-9A72-C6A56F35810A}" = protocol=58 | dir=out | [email protected],-28546 |
"{763C3201-0F0E-4723-A40A-874E69DEF393}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{783D2BDC-3F66-42BF-8CFD-2D28E34AAFC2}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{7856CF98-1651-4C8F-917B-07BCF8DE9691}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{79683AD3-B5F4-4B4D-9543-7F325B774CAB}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{7AD6091A-E927-4765-891C-1C61E4CB3ED0}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{7C22D11D-7E6A-441C-A215-0160F3C0AEB5}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{82CAD38D-2FA8-4712-ACDA-28791E13B88B}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{82D46953-5BA7-49D8-B13F-5EC131EA4B90}" = protocol=17 | dir=in | app=c:\users\aledan\downloads\solutoinstaller-_wb6x4gsf7h9.exe |
"{85562106-5C1F-437A-A2BB-39A2F895E879}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{8967B099-B720-4976-9441-C5D4A34B4F7E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{8B0EA261-8A55-445C-B8C8-1B6A0E277FCE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8BFCB8E0-C116-442B-8F1C-34CF7B7DF8CD}" = protocol=17 | dir=in | app=c:\program files\tencent\qqintl\bin\txupd.exe |
"{902CF713-B10A-4E50-9E1D-B610D424BA91}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{93762476-8993-411C-8AF5-CBF7DD97FB99}" = protocol=17 | dir=in | app=c:\program files\dragon nest\dragonnest.exe |
"{994E1CA5-3E25-449F-9A96-2B85FF5AB4CA}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{99B4E6C0-EA78-4F7F-8325-1DAC0E45BADF}" = protocol=58 | dir=in | [email protected],-28545 |
"{9A6B8ADB-76A0-4DFA-A409-24DCF6171C54}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{9AFE4F85-B09E-430E-8D71-2320948CFBA6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9D6168D0-2E33-44E9-85A2-D9D5D3851EB3}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{9E050EA5-587C-4021-8344-EF0FAC6AAA27}" = protocol=17 | dir=in | app=c:\program files\diablo iii collectors edition\diablo iii.exe |
"{9E257AF7-0561-4DC4-8100-2E32F779E74D}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{A29A83B0-5D1A-4BE4-A9BE-B280D5F4545A}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{ACA2C551-19C7-46F3-AB45-2A5C5501034A}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe |
"{B2C30012-B540-4B1B-AFBD-C2EE4CF20BD2}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{B2C72A5A-6E5A-48F9-9B46-CC1F1D8DF907}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{BB54EACB-22B3-4221-98D9-995261BB7713}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{C0138762-6D26-4461-8E55-E660CF068399}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{C2224DC6-467E-48C4-BDE6-E4153BABF1BC}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C5401429-177E-4B86-B301-34FDEAA777A0}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{CC5F45E0-E10C-43FE-BAFE-31E0FE40FD00}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D26F10EF-CF3F-4C3D-880A-14B4E54F3209}" = protocol=1 | dir=in | [email protected],-28543 |
"{D8D2C15C-B4F0-4898-B53E-C6B7E53526D9}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{D9EC1360-69CA-49E5-B5D2-8F3122BA1740}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{E1EE9A3D-939D-41F9-A123-40F84EB7EF01}" = protocol=17 | dir=in | app=c:\users\aledan\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{E3BC94B0-3400-4B16-B299-ABE3F9152AAA}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{EDDB2CB8-0B8F-4501-BF4B-7E97C2EACBC9}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{EE059335-95EB-4E55-9A03-4BBF8C32805B}" = protocol=6 | dir=in | app=c:\program files\diablo iii collectors edition\diablo iii.exe |
"{EF9BDA3F-C4B5-41F5-B523-4328C59B128E}" = protocol=6 | dir=in | app=c:\program files\tencent\qqintl\bin\txupd.exe |
"{F46DDCE6-52EC-46C2-93AC-4779EC8FE0B0}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{F6B17D2C-19F5-4C1C-A9F9-39A785766F75}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{F85E43AE-A3C2-4EE4-9F54-E778831C89BC}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe |
"{FB2C000D-13A4-4374-B860-7EA2ED7CAB5A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{FEA78261-ABE6-47B7-832E-8472B7D9E3C6}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{FF31ECFD-C25C-4E29-86DF-7AF72A049A62}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"TCP Query User{BC86ADC2-0738-455E-B0C2-602AA0481CEA}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{C8EC966B-FAA5-464D-A789-6B6F87FD67E6}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{1759FA61-153B-436D-A663-E7C50D80D2D8}_is1" = Batman Arkham City
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A10532B-CC99-415C-A51F-B8418DE7A395}" = Ginger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{202C473A-7EB8-4EFD-9878-3B90F31BA7DE}" = Soluto
"{2042E020-A633-44CC-BD1D-9851A7C19365}" = Overwolf
"{2222706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 SDK
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{32A3A4F4-B792-11D6-A78A-00B0D0170050}" = Java SE Development Kit 7 Update 5
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3BEF9769-BA52-18F7-1D02-2362F6A27E38}" = Adobe Media Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CA54984-A14B-42FE-9FF1-7EA90151D725}" = Tencent QQ
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2013.0.0
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{417D86A0-89FE-4308-B172-45B74DCE6F8F}" = USB2.0 PC Camera
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018302}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018303}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018304}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018305}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018306}" = Fable III
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{70103B1F-2C4A-4DE9-ACA2-F81FCDA2D642}" = Audition Dance Battle
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FE5D3B-CDD2-4B70-A996-C2D19B8765A0}_is1" = EZ Charger
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{815928D4-B230-40C7-AEEF-FCC3DC4B3C59}" = Aeria Ignite
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{852F940A-BE93-4DF9-98E5-6F5FA7AFF3EE}" = Intel® Trusted Connect Service Client
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0000-0000-0000000FF1CE}" = Microsoft Office Excel 2010
"{90140000-0016-0000-0000-0000000FF1CE}_Office14.EXCEL_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.EXCEL_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.WORD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.EXCEL_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIO_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.WORD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.EXCEL_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIO_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.WORD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.EXCEL_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.VISIO_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.WORD_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.EXCEL_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.VISIO_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.WORD_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010
"{90140000-0054-0409-0000-0000000FF1CE}_Office14.VISIO_{CDC4310F-8189-485F-B47D-D972217CE173}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.EXCEL_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.VISIO_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.WORD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.EXCEL_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.VISIO_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.WORD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92203FA0-7C43-429F-857C-0AE197D8199C}" = Composite 2013
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A04F8183-B0AC-44B1-9947-DC8AFD1194DD}" = Autodesk MatchMover 2013 32-bit
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C71067FC-288F-4E0B-88C6-44DFDA8311E2}" = System Requirements Lab for Intel
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9345CD7-D0F8-4674-90CF-A0AB41EEF440}" = Autodesk Maya 2013 32-bit
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF623CC7-92A0-429C-AB75-C48C00B878EE}_is1" = eSF
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8D7B35C-93B1-317E-9403-2BBBA2154ABF}" = Google Talk Plugin
"{EA939A8F-7F8C-4A89-8531-FBE2F11590F0}_is1" = eOC
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F63F15F6-2505-4B57-91AA-7EBD75C5477C}" = Autodesk DirectConnect 2013 32-bit
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Aeria Ignite" = Aeria Ignite
"Aeria Ignite 1.10.1721" = Aeria Ignite
"Android SDK Tools" = Android SDK Tools
"Astro Gemini Screensaver Manager_is1" = Astro Gemini Screensaver Manager 1.2
"Autodesk DirectConnect 2013 32-bit" = Autodesk DirectConnect 2013 32-bit
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"Autodesk FBX Plug-in 2013.1 - Maya 2013" = Autodesk FBX Plug-in 2013.1 - Maya 2013
"Autodesk Maya 2013 32-bit" = Autodesk Maya 2013 32-bit
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"C9(Continent of the Ninth Seal)_is1" = C9
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Media Player
"D3Emu_is1" = D3Emu
"Diablo III Collectors Edition_is1" = Diablo III Collectors Edition
"Dinosaurs 3D Screensaver_is1" = Dinosaurs 3D Screensaver 1.0
"Do Not Track Plus Add-on_is1" = Do Not Track Plus Add-on 2.2.1.827
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"eBLU_is1" = eBLU
"eDLU_is1" = eDLU
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"Game Booster_is1" = Game Booster 3
"im" = Garena Plus
"InstallShield_{1A10532B-CC99-415C-A51F-B8418DE7A395}" = Ginger
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"N360" = Norton 360
"nbi-glassfish-mod-3.1.2.23.0" = GlassFish Server Open Source Edition 3.1.2
"nbi-nb-base-7.1.2.0.0" = NetBeans IDE 7.1.2
"nbi-tomcat-7.0.22.0.0" = Apache Tomcat 7.0.22
"Office14.EXCEL" = Microsoft Excel 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.VISIO" = Microsoft Visio Premium 2010
"Office14.WORD" = Microsoft Word 2010
"PowerISO" = PowerISO
"Rakion International_is1" = Rakion International
"RealPlayer 15.0" = RealPlayer
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"Savage 2 2.1.0.5" = Savage 2
"Security Task Manager" = Security Task Manager 1.8d
"Shaiya" = Shaiya
"StarCraft II" = StarCraft II
"Steam App 570" = Dota 2
"uTorrent" = µTorrent
"uTorrentControl_v2 Toolbar" = uTorrentControl_v2 Toolbar
"VLC media player" = VLC media player 2.0.2
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"xCounter-Strike 1.6  " = xCounter-Strike 1.6  
"Xvid Video Codec 1.3.1" = Xvid Video Codec
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
"Hawken" = Hawken
"RavenBleuSA" = RavenBleu
"SOE-DC Universe Online Live" = DC Universe Online Live
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/28/2012 6:45:15 AM | Computer Name = ALEDAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec49b60 Exception code: 0xc0000008 Fault offset: 0x00081e57 Faulting
process id: 0xed8 Faulting application start time: 0x01cd9d6657645c16 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 958bcdbc-0959-11e2-bc9f-1078d24a3254

Error - 9/30/2012 12:50:20 AM | Computer Name = ALEDAN-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 9/30/2012 12:50:37 AM | Computer Name = ALEDAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: aeriaignite.exe, version: 1.10.1721.0,
time stamp: 0x504e2c9d Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x009c3d47 Faulting process id:
0xe84 Faulting application start time: 0x01cd9ec68b456ae3 Faulting application path:
C:\Program Files\Aeria Games\Ignite\aeriaignite.exe Faulting module path: unknown
Report
Id: 5fe9e897-0aba-11e2-b03a-1078d24a3254

Error - 9/30/2012 3:10:42 AM | Computer Name = ALEDAN-PC | Source = Application Hang | ID = 1002
Description = The program ccSvcHst.exe version 109.0.4.9 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: af8 Start
Time: 01cd9eda3b519738 Termination Time: 6 Application Path: C:\Program Files\Norton
360\Engine\4.4.0.12\ccSvcHst.exe Report Id: c02c8504-0acd-11e2-bfe0-1078d24a3254


Error - 9/30/2012 10:46:47 PM | Computer Name = ALEDAN-PC | Source = MsiInstaller | ID = 11730
Description =

Error - 10/1/2012 12:34:01 AM | Computer Name = ALEDAN-PC | Source = Application Hang | ID = 1002
Description = The program realplay.exe version 15.0.5.109 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 16f0 Start
Time: 01cd9f8da7a2bcf8 Termination Time: 3 Application Path: C:\Program Files\Real\RealPlayer\realplay.exe

Report
Id: 199b40ea-0b81-11e2-a607-1078d24a3254

Error - 10/3/2012 2:25:57 AM | Computer Name = ALEDAN-PC | Source = VSS | ID = 8194
Description =

Error - 10/4/2012 9:15:47 AM | Computer Name = ALEDAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x028f5140 Faulting process id:
0x1818 Faulting application start time: 0x01cda231fc134157 Faulting application path:
C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown Report
Id: 9b7494bf-0e25-11e2-90d4-1078d24a3254

Error - 10/4/2012 9:18:48 AM | Computer Name = ALEDAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00883e28 Faulting process id:
0x1264 Faulting application start time: 0x01cda231f72966bc Faulting application path:
C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown Report
Id: 07e4f53a-0e26-11e2-90d4-1078d24a3254

Error - 10/5/2012 10:07:48 AM | Computer Name = ALEDAN-PC | Source = Windows Installer 3.1 | ID = 921877
Description =

Error - 10/6/2012 5:35:32 AM | Computer Name = ALEDAN-PC | Source = Application Error | ID = 1000
Description = Faulting application name: dota.exe, version: 0.0.0.0, time stamp:
0x5035e6bb Faulting module name: client.dll, version: 0.0.0.0, time stamp: 0x506f4285
Exception
code: 0xc0000005 Fault offset: 0x00aa6e2b Faulting process id: 0x6a4 Faulting application
start time: 0x01cda3a369fd40b8 Faulting application path: C:\Program Files\Steam\steamapps\common\dota
2 beta\dota.exe Faulting module path: c:\program files\steam\steamapps\common\dota
2 beta\dota\bin\client.dll Report Id: 2ba4fc9f-0f99-11e2-ade6-1078d24a3254

[ Media Center Events ]
Error - 9/1/2012 9:43:49 PM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 9:43:45 AM - Error connecting to the internet. 9:43:45 AM - Unable
to contact server..

Error - 9/13/2012 12:46:05 AM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 12:46:05 PM - Error connecting to the internet. 12:46:05 PM - Unable
to contact server..

Error - 9/13/2012 12:46:16 AM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 12:46:10 PM - Error connecting to the internet. 12:46:10 PM - Unable
to contact server..

Error - 9/13/2012 12:46:44 AM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 12:46:44 PM - Error connecting to the internet. 12:46:44 PM - Unable
to contact server..

Error - 9/13/2012 12:46:50 AM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 12:46:49 PM - Error connecting to the internet. 12:46:49 PM - Unable
to contact server..

Error - 9/19/2012 10:19:47 PM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 10:19:46 AM - Error connecting to the internet. 10:19:46 AM - Unable
to contact server..

Error - 9/19/2012 11:20:25 PM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 11:20:24 AM - Error connecting to the internet. 11:20:24 AM - Unable
to contact server..

Error - 9/20/2012 3:42:02 AM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 3:41:59 PM - Error connecting to the internet. 3:42:00 PM - Unable
to contact server..

Error - 9/20/2012 4:42:33 AM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 4:42:32 PM - Error connecting to the internet. 4:42:32 PM - Unable
to contact server..

Error - 9/26/2012 1:35:12 AM | Computer Name = ALEDAN-PC | Source = MCUpdate | ID = 0
Description = 1:35:11 PM - Error connecting to the internet. 1:35:11 PM - Unable
to contact server..

[ System Events ]
Error - 9/14/2012 4:10:53 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/14/2012 4:10:53 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/14/2012 4:10:54 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/14/2012 4:10:54 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/14/2012 4:10:55 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/14/2012 4:12:41 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/14/2012 4:12:42 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/14/2012 4:12:42 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/14/2012 4:12:43 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/14/2012 4:12:43 AM | Computer Name = ALEDAN-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.


< End of report >



----
  • 0

#4
howdydodah
Posted 06 October 2012 - 06:10 AM

howdydodah

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
this is for TDSSKiller reports:

------

18:48:29.0531 0248 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:48:31.0533 0248 ============================================================
18:48:31.0533 0248 Current date / time: 2012/10/06 18:48:31.0533
18:48:31.0533 0248 SystemInfo:
18:48:31.0533 0248
18:48:31.0533 0248 OS Version: 6.1.7601 ServicePack: 1.0
18:48:31.0533 0248 Product type: Workstation
18:48:31.0533 0248 ComputerName: ALEDAN-PC
18:48:31.0533 0248 UserName: ALEDAN
18:48:31.0534 0248 Windows directory: C:\Windows
18:48:31.0534 0248 System windows directory: C:\Windows
18:48:31.0534 0248 Processor architecture: Intel x86
18:48:31.0534 0248 Number of processors: 4
18:48:31.0534 0248 Page size: 0x1000
18:48:31.0534 0248 Boot type: Normal boot
18:48:31.0534 0248 ============================================================
18:48:33.0872 0248 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:48:33.0904 0248 ============================================================
18:48:33.0904 0248 \Device\Harddisk0\DR0:
18:48:33.0911 0248 MBR partitions:
18:48:33.0911 0248 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:48:33.0911 0248 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
18:48:33.0911 0248 ============================================================
18:48:33.0958 0248 C: <-> \Device\Harddisk0\DR0\Partition2
18:48:33.0958 0248 ============================================================
18:48:33.0958 0248 Initialize success
18:48:33.0958 0248 ============================================================
18:49:02.0163 5840 ============================================================
18:49:02.0163 5840 Scan started
18:49:02.0163 5840 Mode: Manual; SigCheck; TDLFS;
18:49:02.0163 5840 ============================================================
18:49:02.0941 5840 ================ Scan system memory ========================
18:49:02.0941 5840 System memory - ok
18:49:02.0943 5840 ================ Scan services =============================
18:49:03.0096 5840 1394hub - ok
18:49:03.0158 5840 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:49:03.0254 5840 1394ohci - ok
18:49:03.0344 5840 ACDaemon - ok
18:49:03.0417 5840 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:49:03.0463 5840 ACPI - ok
18:49:03.0505 5840 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:49:03.0540 5840 AcpiPmi - ok
18:49:03.0643 5840 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:49:03.0736 5840 AdobeARMservice - ok
18:49:03.0769 5840 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:49:03.0824 5840 adp94xx - ok
18:49:03.0829 5840 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:49:03.0854 5840 adpahci - ok
18:49:03.0859 5840 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:49:03.0895 5840 adpu320 - ok
18:49:03.0920 5840 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:49:03.0980 5840 AeLookupSvc - ok
18:49:04.0028 5840 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
18:49:04.0122 5840 AFD - ok
18:49:04.0158 5840 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
18:49:04.0224 5840 agp440 - ok
18:49:04.0251 5840 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
18:49:04.0350 5840 aic78xx - ok
18:49:04.0392 5840 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
18:49:04.0455 5840 ALG - ok
18:49:04.0489 5840 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
18:49:04.0525 5840 aliide - ok
18:49:04.0564 5840 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:49:04.0609 5840 amdagp - ok
18:49:04.0620 5840 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
18:49:04.0656 5840 amdide - ok
18:49:04.0685 5840 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:49:04.0718 5840 AmdK8 - ok
18:49:04.0721 5840 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:49:04.0747 5840 AmdPPM - ok
18:49:04.0775 5840 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:49:04.0831 5840 amdsata - ok
18:49:04.0854 5840 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:49:04.0918 5840 amdsbs - ok
18:49:04.0945 5840 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:49:04.0999 5840 amdxata - ok
18:49:05.0118 5840 [ 7B4BEB577C5D0171F9B66F390EC29284 ] apf001 C:\Game\SoftnyxGame\RakionIS\Bin\apf001.sys
18:49:05.0157 5840 apf001 - ok
18:49:05.0196 5840 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
18:49:05.0289 5840 AppID - ok
18:49:05.0324 5840 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:49:05.0369 5840 AppIDSvc - ok
18:49:05.0398 5840 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
18:49:05.0460 5840 Appinfo - ok
18:49:05.0496 5840 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
18:49:05.0573 5840 AppMgmt - ok
18:49:05.0621 5840 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:49:05.0676 5840 arc - ok
18:49:05.0680 5840 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:49:05.0741 5840 arcsas - ok
18:49:05.0848 5840 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:49:05.0961 5840 aspnet_state - ok
18:49:05.0990 5840 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:49:06.0051 5840 AsyncMac - ok
18:49:06.0087 5840 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
18:49:06.0136 5840 atapi - ok
18:49:06.0196 5840 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:49:06.0275 5840 AudioEndpointBuilder - ok
18:49:06.0303 5840 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:49:06.0341 5840 Audiosrv - ok
18:49:06.0418 5840 [ 87D6E1ACEFA1DAA88049D66D8DA365B9 ] AVEO C:\Windows\system32\DRIVERS\AVEOdcnt.sys
18:49:06.0483 5840 AVEO - ok
18:49:06.0517 5840 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:49:06.0584 5840 AxInstSV - ok
18:49:06.0613 5840 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
18:49:06.0694 5840 b06bdrv - ok
18:49:06.0738 5840 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
18:49:06.0794 5840 b57nd60x - ok
18:49:06.0912 5840 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
18:49:07.0065 5840 BDESVC - ok
18:49:07.0079 5840 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
18:49:07.0129 5840 Beep - ok
18:49:07.0205 5840 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
18:49:07.0308 5840 BFE - ok
18:49:07.0611 5840 [ C364F02969E9A842321DD91BCFF749D4 ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20120928.001\BHDrvx86.sys
18:49:07.0747 5840 BHDrvx86 - ok
18:49:07.0778 5840 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
18:49:07.0849 5840 BITS - ok
18:49:07.0871 5840 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:49:07.0929 5840 blbdrive - ok
18:49:07.0975 5840 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:49:08.0049 5840 bowser - ok
18:49:08.0064 5840 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:49:08.0103 5840 BrFiltLo - ok
18:49:08.0105 5840 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:49:08.0134 5840 BrFiltUp - ok
18:49:08.0160 5840 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
18:49:08.0277 5840 Browser - ok
18:49:08.0294 5840 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:49:08.0385 5840 Brserid - ok
18:49:08.0411 5840 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:49:08.0469 5840 BrSerWdm - ok
18:49:08.0490 5840 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:49:08.0512 5840 BrUsbMdm - ok
18:49:08.0515 5840 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:49:08.0535 5840 BrUsbSer - ok
18:49:08.0542 5840 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:49:08.0575 5840 BTHMODEM - ok
18:49:08.0617 5840 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
18:49:08.0666 5840 bthserv - ok
18:49:08.0746 5840 [ 1FA1C0E73ECA849BED29A47C508F7F17 ] ccHP C:\Windows\system32\drivers\N360\0404000.00C\ccHPx86.sys
18:49:08.0832 5840 ccHP - ok
18:49:08.0868 5840 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:49:08.0926 5840 cdfs - ok
18:49:08.0971 5840 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:49:09.0037 5840 cdrom - ok
18:49:09.0078 5840 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
18:49:09.0125 5840 CertPropSvc - ok
18:49:09.0152 5840 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:49:09.0181 5840 circlass - ok
18:49:09.0209 5840 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
18:49:09.0258 5840 CLFS - ok
18:49:09.0334 5840 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:49:09.0434 5840 clr_optimization_v2.0.50727_32 - ok
18:49:09.0493 5840 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:49:09.0577 5840 clr_optimization_v4.0.30319_32 - ok
18:49:09.0600 5840 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:49:09.0718 5840 CmBatt - ok
18:49:09.0739 5840 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:49:09.0794 5840 cmdide - ok
18:49:09.0892 5840 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
18:49:10.0010 5840 CNG - ok
18:49:10.0045 5840 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:49:10.0095 5840 Compbatt - ok
18:49:10.0142 5840 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:49:10.0206 5840 CompositeBus - ok
18:49:10.0224 5840 COMSysApp - ok
18:49:10.0271 5840 [ 085D4E5714BC641286C43239E8CB267F ] cphs C:\Windows\system32\IntelCpHeciSvc.exe
18:49:10.0395 5840 cphs - ok
18:49:10.0442 5840 cpuz135 - ok
18:49:10.0465 5840 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:49:10.0516 5840 crcdisk - ok
18:49:10.0561 5840 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:49:10.0651 5840 CryptSvc - ok
18:49:10.0690 5840 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
18:49:10.0775 5840 CSC - ok
18:49:10.0815 5840 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
18:49:10.0867 5840 CscService - ok
18:49:10.0920 5840 [ 3836855533D0B5AEB34E0CC812EFCB26 ] D-Vitec C:\Windows\system32\DRIVERS\dvitdcnt.sys
18:49:10.0960 5840 D-Vitec - ok
18:49:10.0987 5840 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
18:49:11.0052 5840 DcomLaunch - ok
18:49:11.0085 5840 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
18:49:11.0137 5840 defragsvc - ok
18:49:11.0167 5840 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:49:11.0306 5840 DfsC - ok
18:49:11.0339 5840 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:49:11.0428 5840 Dhcp - ok
18:49:11.0456 5840 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
18:49:11.0520 5840 discache - ok
18:49:11.0543 5840 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:49:11.0593 5840 Disk - ok
18:49:11.0651 5840 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:49:11.0742 5840 Dnscache - ok
18:49:11.0789 5840 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
18:49:11.0849 5840 dot3svc - ok
18:49:11.0883 5840 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
18:49:11.0933 5840 DPS - ok
18:49:11.0969 5840 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:49:12.0112 5840 drmkaud - ok
18:49:12.0152 5840 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:49:12.0223 5840 DXGKrnl - ok
18:49:12.0248 5840 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
18:49:12.0296 5840 EapHost - ok
18:49:12.0369 5840 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
18:49:12.0511 5840 ebdrv - ok
18:49:12.0534 5840 [ A772E3653FAE3E0D0EA925AE87E21140 ] ECSIoDriver_1_1_0_0 C:\Program Files\ECS Motherboard Utility\eBLU\ECSIoDriver.sys
18:49:12.0598 5840 ECSIoDriver_1_1_0_0 - ok
18:49:12.0682 5840 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
18:49:12.0803 5840 eeCtrl - ok
18:49:12.0840 5840 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
18:49:12.0942 5840 EFS - ok
18:49:13.0111 5840 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:49:13.0254 5840 ehRecvr - ok
18:49:13.0324 5840 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
18:49:13.0421 5840 ehSched - ok
18:49:13.0458 5840 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:49:13.0509 5840 elxstor - ok
18:49:13.0563 5840 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:49:13.0622 5840 EraserUtilRebootDrv - ok
18:49:13.0652 5840 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:49:13.0672 5840 ErrDev - ok
18:49:13.0711 5840 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
18:49:13.0751 5840 EventSystem - ok
18:49:13.0785 5840 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
18:49:13.0832 5840 exfat - ok
18:49:13.0915 5840 [ ABFCEDE4BC3C4DC974C97BD2BEB4BE02 ] EZCharger C:\Windows\system32\DRIVERS\EZCharger.sys
18:49:13.0967 5840 EZCharger - ok
18:49:13.0985 5840 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:49:14.0043 5840 fastfat - ok
18:49:14.0098 5840 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
18:49:14.0203 5840 Fax - ok
18:49:14.0226 5840 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:49:14.0251 5840 fdc - ok
18:49:14.0278 5840 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
18:49:14.0339 5840 fdPHost - ok
18:49:14.0342 5840 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
18:49:14.0375 5840 FDResPub - ok
18:49:14.0378 5840 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:49:14.0423 5840 FileInfo - ok
18:49:14.0425 5840 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:49:14.0459 5840 Filetrace - ok
18:49:14.0518 5840 [ ACEFEEA621DCA62EFB7A7EEA59F5E91B ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:49:14.0641 5840 FLEXnet Licensing Service - ok
18:49:14.0644 5840 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:49:14.0710 5840 flpydisk - ok
18:49:14.0720 5840 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:49:14.0746 5840 FltMgr - ok
18:49:14.0781 5840 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
18:49:14.0871 5840 FontCache - ok
18:49:14.0938 5840 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:49:14.0991 5840 FontCache3.0.0.0 - ok
18:49:15.0017 5840 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:49:15.0072 5840 FsDepends - ok
18:49:15.0125 5840 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:49:15.0174 5840 fssfltr - ok
18:49:15.0261 5840 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
18:49:15.0417 5840 fsssvc - ok
18:49:15.0438 5840 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:49:15.0458 5840 Fs_Rec - ok
18:49:15.0502 5840 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:49:15.0618 5840 fvevol - ok
18:49:15.0658 5840 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:49:15.0705 5840 gagp30kx - ok
18:49:15.0735 5840 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:49:15.0760 5840 GEARAspiWDM - ok
18:49:15.0888 5840 GGSAFERDriver - ok
18:49:15.0963 5840 [ 3CA442738893D4B0518BCF2E32FFFB8C ] GingerUpdateService C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
18:49:16.0339 5840 GingerUpdateService - ok
18:49:16.0421 5840 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
18:49:16.0525 5840 gpsvc - ok
18:49:16.0595 5840 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:49:16.0681 5840 gupdate - ok
18:49:16.0685 5840 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:49:16.0732 5840 gupdatem - ok
18:49:16.0800 5840 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:49:16.0896 5840 hcw85cir - ok
18:49:16.0952 5840 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:49:17.0024 5840 HdAudAddService - ok
18:49:17.0054 5840 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:49:17.0103 5840 HDAudBus - ok
18:49:17.0117 5840 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:49:17.0171 5840 HidBatt - ok
18:49:17.0193 5840 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:49:17.0224 5840 HidBth - ok
18:49:17.0270 5840 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:49:17.0319 5840 HidIr - ok
18:49:17.0339 5840 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
18:49:17.0397 5840 hidserv - ok
18:49:17.0414 5840 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
18:49:17.0446 5840 HidUsb - ok
18:49:17.0485 5840 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:49:17.0560 5840 hkmsvc - ok
18:49:17.0610 5840 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:49:17.0662 5840 HomeGroupListener - ok
18:49:17.0708 5840 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:49:17.0755 5840 HomeGroupProvider - ok
18:49:17.0777 5840 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:49:17.0805 5840 HpSAMD - ok
18:49:17.0861 5840 [ DD1E0A26D0F60A7EA65A1BEEC7D44EAB ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
18:49:17.0900 5840 HssDRV6 - ok
18:49:17.0957 5840 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:49:18.0011 5840 HTTP - ok
18:49:18.0047 5840 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:49:18.0079 5840 hwpolicy - ok
18:49:18.0107 5840 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:49:18.0162 5840 i8042prt - ok
18:49:18.0188 5840 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:49:18.0224 5840 iaStorV - ok
18:49:18.0298 5840 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:49:18.0348 5840 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:49:18.0348 5840 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:49:18.0389 5840 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:49:18.0474 5840 idsvc - ok
18:49:18.0583 5840 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121004.001\IDSvix86.sys
18:49:18.0660 5840 IDSVix86 - ok
18:49:18.0898 5840 [ 0FEB90F92A8AB77A7E5E6BA052138351 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
18:49:19.0189 5840 igfx - ok
18:49:19.0231 5840 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:49:19.0282 5840 iirsp - ok
18:49:19.0338 5840 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
18:49:19.0430 5840 IKEEXT - ok
18:49:19.0519 5840 [ 4BA9DC6AF6EFE9C6E1D2570D61C75D1D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:49:19.0647 5840 IntcAzAudAddService - ok
18:49:19.0699 5840 [ 7081EFE4EBF9CBBFF4EB5A3AC478DDC5 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:49:19.0746 5840 IntcDAud - ok
18:49:19.0785 5840 [ 28B3162EC8D01114313D7F447D8E157E ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:49:20.0405 5840 Intel® Capability Licensing Service Interface - ok
18:49:20.0435 5840 [ C9DCE1CB628AEED3C0C30ABBF4F1E718 ] Intel® ME Service C:\Program Files\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
18:49:20.0608 5840 Intel® ME Service - ok
18:49:20.0645 5840 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
18:49:20.0685 5840 intelide - ok
18:49:20.0723 5840 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:49:20.0801 5840 intelppm - ok
18:49:20.0824 5840 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:49:20.0882 5840 IPBusEnum - ok
18:49:20.0903 5840 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:49:20.0948 5840 IpFilterDriver - ok
18:49:20.0991 5840 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:49:21.0080 5840 iphlpsvc - ok
18:49:21.0113 5840 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:49:21.0156 5840 IPMIDRV - ok
18:49:21.0178 5840 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:49:21.0231 5840 IPNAT - ok
18:49:21.0259 5840 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:49:21.0333 5840 IRENUM - ok
18:49:21.0374 5840 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:49:21.0421 5840 isapnp - ok
18:49:21.0450 5840 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:49:21.0498 5840 iScsiPrt - ok
18:49:21.0541 5840 [ 68773314B22DDB7B6A4177537508AF91 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:49:21.0601 5840 iusb3hcs - ok
18:49:21.0645 5840 [ F093BCA5CD5D797B3777ABD2E5B9CFCE ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
18:49:21.0688 5840 iusb3hub - ok
18:49:21.0825 5840 [ 7F3245BCEE44E168EA67A5103AA496DE ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:49:21.0882 5840 iusb3xhc - ok
18:49:21.0908 5840 [ 3628933AF5305EAB8173949BFF912F04 ] jhi_service C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
18:49:22.0065 5840 jhi_service - ok
18:49:22.0110 5840 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:49:22.0236 5840 kbdclass - ok
18:49:22.0305 5840 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:49:22.0409 5840 kbdhid - ok
18:49:22.0439 5840 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
18:49:22.0471 5840 KeyIso - ok
18:49:22.0524 5840 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:49:22.0595 5840 KSecDD - ok
18:49:22.0612 5840 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:49:22.0653 5840 KSecPkg - ok
18:49:22.0688 5840 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
18:49:22.0743 5840 KtmRm - ok
18:49:22.0767 5840 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
18:49:22.0828 5840 LanmanServer - ok
18:49:22.0875 5840 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:49:22.0946 5840 LanmanWorkstation - ok
18:49:22.0992 5840 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:49:23.0067 5840 lltdio - ok
18:49:23.0099 5840 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:49:23.0160 5840 lltdsvc - ok
18:49:23.0172 5840 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:49:23.0223 5840 lmhosts - ok
18:49:23.0274 5840 [ BF22ACF4CF3734D61357E67F0521BC03 ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:49:23.0349 5840 LMS - ok
18:49:23.0361 5840 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:49:23.0393 5840 LSI_FC - ok
18:49:23.0396 5840 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:49:23.0455 5840 LSI_SAS - ok
18:49:23.0457 5840 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:49:23.0484 5840 LSI_SAS2 - ok
18:49:23.0487 5840 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:49:23.0524 5840 LSI_SCSI - ok
18:49:23.0527 5840 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:49:23.0588 5840 luafv - ok
18:49:23.0615 5840 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:49:23.0658 5840 Mcx2Svc - ok
18:49:23.0661 5840 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:49:23.0695 5840 megasas - ok
18:49:23.0719 5840 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:49:23.0765 5840 MegaSR - ok
18:49:23.0793 5840 [ 240D715CFE4FB8F4CDA76F6863E62334 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
18:49:23.0885 5840 MEI - ok
18:49:24.0025 5840 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2010_32 C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
18:49:24.0079 5840 mi-raysat_3dsmax2010_32 ( UnsignedFile.Multi.Generic ) - warning
18:49:24.0079 5840 mi-raysat_3dsmax2010_32 - detected UnsignedFile.Multi.Generic (1)
18:49:24.0160 5840 Microsoft SharePoint Workspace Audit Service - ok
18:49:24.0174 5840 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:49:24.0234 5840 MMCSS - ok
18:49:24.0247 5840 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:49:24.0283 5840 Modem - ok
18:49:24.0311 5840 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:49:24.0336 5840 monitor - ok
18:49:24.0369 5840 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
18:49:24.0416 5840 mouclass - ok
18:49:24.0420 5840 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:49:24.0481 5840 mouhid - ok
18:49:24.0523 5840 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:49:24.0604 5840 mountmgr - ok
18:49:24.0668 5840 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
18:49:24.0711 5840 MpFilter - ok
18:49:24.0735 5840 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
18:49:24.0815 5840 mpio - ok
18:49:24.0966 5840 [ A69630D039C38018689190234F866D77 ] MpKsl71735bbb c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F9FA094-5002-45CA-8014-17A07401D61F}\MpKsl71735bbb.sys
18:49:25.0017 5840 MpKsl71735bbb - ok
18:49:25.0042 5840 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:49:25.0110 5840 mpsdrv - ok
18:49:25.0139 5840 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:49:25.0211 5840 MpsSvc - ok
18:49:25.0252 5840 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:49:25.0295 5840 MRxDAV - ok
18:49:25.0351 5840 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:49:25.0424 5840 mrxsmb - ok
18:49:25.0443 5840 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:49:25.0486 5840 mrxsmb10 - ok
18:49:25.0522 5840 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:49:25.0590 5840 mrxsmb20 - ok
18:49:25.0637 5840 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
18:49:25.0671 5840 msahci - ok
18:49:25.0700 5840 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:49:25.0742 5840 msdsm - ok
18:49:25.0767 5840 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:49:25.0818 5840 MSDTC - ok
18:49:25.0849 5840 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:49:25.0902 5840 Msfs - ok
18:49:25.0904 5840 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:49:25.0930 5840 mshidkmdf - ok
18:49:25.0954 5840 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:49:25.0992 5840 msisadrv - ok
18:49:26.0037 5840 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:49:26.0099 5840 MSiSCSI - ok
18:49:26.0102 5840 msiserver - ok
18:49:26.0119 5840 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:49:26.0148 5840 MSKSSRV - ok
18:49:26.0223 5840 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:49:26.0275 5840 MsMpSvc - ok
18:49:26.0306 5840 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:49:26.0340 5840 MSPCLOCK - ok
18:49:26.0353 5840 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:49:26.0385 5840 MSPQM - ok
18:49:26.0389 5840 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:49:26.0432 5840 MsRPC - ok
18:49:26.0466 5840 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:49:26.0513 5840 mssmbios - ok
18:49:26.0516 5840 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:49:26.0543 5840 MSTEE - ok
18:49:26.0545 5840 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:49:26.0567 5840 MTConfig - ok
18:49:26.0569 5840 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:49:26.0607 5840 Mup - ok
18:49:26.0756 5840 [ B4187346F54E362DAFFE647B25A58D50 ] N360 C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe
18:49:26.0846 5840 N360 - ok
18:49:26.0895 5840 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
18:49:26.0970 5840 napagent - ok
18:49:27.0009 5840 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:49:27.0053 5840 NativeWifiP - ok
18:49:27.0145 5840 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121004.020\NAVENG.SYS
18:49:27.0200 5840 NAVENG - ok
18:49:27.0240 5840 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121004.020\NAVEX15.SYS
18:49:27.0301 5840 NAVEX15 - ok
18:49:27.0492 5840 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:49:27.0592 5840 NDIS - ok
18:49:27.0631 5840 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:49:27.0662 5840 NdisCap - ok
18:49:27.0692 5840 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:49:27.0723 5840 NdisTapi - ok
18:49:27.0754 5840 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:49:27.0805 5840 Ndisuio - ok
18:49:27.0839 5840 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:49:27.0892 5840 NdisWan - ok
18:49:27.0931 5840 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:49:27.0973 5840 NDProxy - ok
18:49:27.0991 5840 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:49:28.0049 5840 NetBIOS - ok
18:49:28.0133 5840 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:49:28.0241 5840 NetBT - ok
18:49:28.0272 5840 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
18:49:28.0326 5840 Netlogon - ok
18:49:28.0373 5840 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:49:28.0426 5840 Netman - ok
18:49:28.0487 5840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:49:28.0531 5840 NetMsmqActivator - ok
18:49:28.0534 5840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:49:28.0562 5840 NetPipeActivator - ok
18:49:28.0567 5840 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:49:28.0632 5840 netprofm - ok
18:49:28.0635 5840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:49:28.0661 5840 NetTcpActivator - ok
18:49:28.0663 5840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:49:28.0689 5840 NetTcpPortSharing - ok
18:49:28.0727 5840 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:49:28.0770 5840 nfrd960 - ok
18:49:28.0827 5840 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:49:28.0883 5840 NisDrv - ok
18:49:28.0919 5840 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
18:49:28.0969 5840 NisSrv - ok
18:49:28.0999 5840 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:49:29.0068 5840 NlaSvc - ok
18:49:29.0095 5840 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:49:29.0129 5840 Npfs - ok
18:49:29.0161 5840 npggsvc - ok
18:49:29.0177 5840 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:49:29.0209 5840 nsi - ok
18:49:29.0219 5840 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:49:29.0253 5840 nsiproxy - ok
18:49:29.0316 5840 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:49:29.0440 5840 Ntfs - ok
18:49:29.0471 5840 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:49:29.0512 5840 Null - ok
18:49:29.0550 5840 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:49:29.0617 5840 nvraid - ok
18:49:29.0658 5840 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:49:29.0757 5840 nvstor - ok
18:49:29.0810 5840 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:49:29.0900 5840 nv_agp - ok
18:49:29.0929 5840 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:49:29.0971 5840 ohci1394 - ok
18:49:30.0012 5840 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:49:30.0122 5840 ose - ok
18:49:30.0256 5840 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:49:30.0470 5840 osppsvc - ok
18:49:30.0558 5840 [ 1C60088654D64EB603F694DC368DF226 ] OverwolfUpdaterService C:\Program Files\Overwolf\OverwolfUpdater.exe
18:49:30.0594 5840 OverwolfUpdaterService - ok
18:49:30.0624 5840 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:49:30.0708 5840 p2pimsvc - ok
18:49:30.0725 5840 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:49:30.0768 5840 p2psvc - ok
18:49:30.0790 5840 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:49:30.0841 5840 Parport - ok
18:49:30.0879 5840 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:49:30.0924 5840 partmgr - ok
18:49:30.0944 5840 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:49:30.0977 5840 Parvdm - ok
18:49:30.0981 5840 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:49:31.0065 5840 PcaSvc - ok
18:49:31.0120 5840 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:49:31.0188 5840 pci - ok
18:49:31.0223 5840 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:49:31.0258 5840 pciide - ok
18:49:31.0292 5840 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:49:31.0365 5840 pcmcia - ok
18:49:31.0438 5840 [ A0937771070BF59468B4939DD0AE59FD ] PCToolsSSDMonitorSvc C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
18:49:31.0630 5840 PCToolsSSDMonitorSvc - ok
18:49:31.0647 5840 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:49:31.0699 5840 pcw - ok
18:49:31.0722 5840 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:49:31.0782 5840 PEAUTH - ok
18:49:31.0867 5840 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:49:31.0964 5840 PeerDistSvc - ok
18:49:32.0010 5840 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:49:32.0093 5840 pla - ok
18:49:32.0141 5840 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:49:32.0265 5840 PlugPlay - ok
18:49:32.0271 5840 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:49:32.0312 5840 PNRPAutoReg - ok
18:49:32.0317 5840 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:49:32.0350 5840 PNRPsvc - ok
18:49:32.0362 5840 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:49:32.0419 5840 PolicyAgent - ok
18:49:32.0452 5840 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
18:49:32.0491 5840 Power - ok
18:49:32.0519 5840 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:49:32.0592 5840 PptpMiniport - ok
18:49:32.0617 5840 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:49:32.0644 5840 Processor - ok
18:49:32.0681 5840 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
18:49:32.0768 5840 ProfSvc - ok
18:49:32.0806 5840 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:49:32.0861 5840 ProtectedStorage - ok
18:49:32.0897 5840 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:49:32.0951 5840 Psched - ok
18:49:32.0989 5840 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:49:33.0084 5840 ql2300 - ok
18:49:33.0104 5840 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:49:33.0254 5840 ql40xx - ok
18:49:33.0286 5840 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:49:33.0384 5840 QWAVE - ok
18:49:33.0387 5840 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:49:33.0438 5840 QWAVEdrv - ok
18:49:33.0460 5840 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:49:33.0507 5840 RasAcd - ok
18:49:33.0545 5840 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:49:33.0601 5840 RasAgileVpn - ok
18:49:33.0642 5840 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:49:33.0724 5840 RasAuto - ok
18:49:33.0728 5840 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:49:33.0798 5840 Rasl2tp - ok
18:49:33.0855 5840 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:49:33.0929 5840 RasMan - ok
18:49:33.0951 5840 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:49:33.0981 5840 RasPppoe - ok
18:49:33.0995 5840 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:49:34.0034 5840 RasSstp - ok
18:49:34.0069 5840 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:49:34.0139 5840 rdbss - ok
18:49:34.0142 5840 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:49:34.0165 5840 rdpbus - ok
18:49:34.0185 5840 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:49:34.0210 5840 RDPCDD - ok
18:49:34.0236 5840 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:49:34.0264 5840 RDPDR - ok
18:49:34.0278 5840 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:49:34.0315 5840 RDPENCDD - ok
18:49:34.0319 5840 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:49:34.0358 5840 RDPREFMP - ok
18:49:34.0396 5840 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:49:34.0448 5840 RdpVideoMiniport - ok
18:49:34.0480 5840 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:49:34.0560 5840 RDPWD - ok
18:49:34.0628 5840 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:49:34.0688 5840 rdyboost - ok
18:49:34.0718 5840 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:49:34.0786 5840 RemoteAccess - ok
18:49:34.0816 5840 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:49:34.0861 5840 RemoteRegistry - ok
18:49:34.0885 5840 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:49:34.0947 5840 RpcEptMapper - ok
18:49:34.0979 5840 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:49:35.0008 5840 RpcLocator - ok
18:49:35.0037 5840 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:49:35.0078 5840 RpcSs - ok
18:49:35.0120 5840 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:49:35.0192 5840 rspndr - ok
18:49:35.0245 5840 [ 3849D5D73BDD9B7BC4E3305DDC345B2C ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
18:49:35.0292 5840 RTL8167 - ok
18:49:35.0315 5840 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:49:35.0345 5840 s3cap - ok
18:49:35.0365 5840 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:49:35.0412 5840 SamSs - ok
18:49:35.0445 5840 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:49:35.0490 5840 sbp2port - ok
18:49:35.0519 5840 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:49:35.0578 5840 SCardSvr - ok
18:49:35.0614 5840 [ BEB5B059DEF853777CD6686186BC56D2 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
18:49:35.0687 5840 SCDEmu - ok
18:49:35.0702 5840 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:49:35.0732 5840 scfilter - ok
18:49:35.0768 5840 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:49:35.0851 5840 Schedule - ok
18:49:35.0887 5840 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:49:35.0937 5840 SCPolicySvc - ok
18:49:35.0983 5840 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:49:36.0042 5840 SDRSVC - ok
18:49:36.0075 5840 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:49:36.0118 5840 secdrv - ok
18:49:36.0132 5840 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:49:36.0169 5840 seclogon - ok
18:49:36.0183 5840 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:49:36.0223 5840 SENS - ok
18:49:36.0247 5840 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:49:36.0293 5840 SensrSvc - ok
18:49:36.0314 5840 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:49:36.0335 5840 Serenum - ok
18:49:36.0339 5840 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:49:36.0387 5840 Serial - ok
18:49:36.0421 5840 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:49:36.0443 5840 sermouse - ok
18:49:36.0488 5840 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:49:36.0539 5840 SessionEnv - ok
18:49:36.0578 5840 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:49:36.0624 5840 sffdisk - ok
18:49:36.0643 5840 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:49:36.0673 5840 sffp_mmc - ok
18:49:36.0688 5840 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:49:36.0717 5840 sffp_sd - ok
18:49:36.0729 5840 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:49:36.0758 5840 sfloppy - ok
18:49:36.0786 5840 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:49:36.0891 5840 SharedAccess - ok
18:49:36.0992 5840 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:49:37.0076 5840 ShellHWDetection - ok
18:49:37.0128 5840 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:49:37.0175 5840 sisagp - ok
18:49:37.0211 5840 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:49:37.0272 5840 SiSRaid2 - ok
18:49:37.0276 5840 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:49:37.0347 5840 SiSRaid4 - ok
18:49:37.0434 5840 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:49:37.0659 5840 Skype C2C Service - ok
18:49:37.0829 5840 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:49:38.0073 5840 SkypeUpdate - ok
18:49:38.0097 5840 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:49:38.0139 5840 Smb - ok
18:49:38.0178 5840 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:49:38.0234 5840 SNMPTRAP - ok
18:49:38.0277 5840 [ FF35C2D01AC36B446A1B997F305F0FC2 ] Soluto C:\Windows\system32\DRIVERS\Soluto.sys
18:49:38.0310 5840 Soluto - ok
18:49:38.0396 5840 [ 925EE62D5164F3ED33B5BC4C89A61700 ] SolutoService C:\Program Files\Soluto\SolutoService.exe
18:49:38.0470 5840 SolutoService - ok
18:49:38.0505 5840 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:49:38.0541 5840 spldr - ok
18:49:38.0590 5840 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
18:49:38.0661 5840 Spooler - ok
18:49:38.0737 5840 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
18:49:39.0112 5840 sppsvc - ok
18:49:39.0172 5840 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:49:39.0227 5840 sppuinotify - ok
18:49:39.0307 5840 [ EC5C3C6260F4019B03DFAA03EC8CBF6A ] SRTSP C:\Windows\System32\Drivers\N360\0404000.00C\SRTSP.SYS
18:49:39.0348 5840 SRTSP - ok
18:49:39.0360 5840 [ 55D5C37ED41231E3AC2063D16DF50840 ] SRTSPX C:\Windows\system32\drivers\N360\0404000.00C\SRTSPX.SYS
18:49:39.0384 5840 SRTSPX - ok
18:49:39.0431 5840 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:49:39.0565 5840 srv - ok
18:49:39.0573 5840 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:49:39.0615 5840 srv2 - ok
18:49:39.0650 5840 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:49:39.0677 5840 srvnet - ok
18:49:39.0712 5840 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:49:39.0751 5840 SSDPSRV - ok
18:49:39.0754 5840 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:49:39.0789 5840 SstpSvc - ok
18:49:39.0822 5840 Steam Client Service - ok
18:49:39.0843 5840 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:49:39.0878 5840 stexstor - ok
18:49:39.0901 5840 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
18:49:39.0965 5840 StiSvc - ok
18:49:39.0995 5840 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:49:40.0034 5840 storflt - ok
18:49:40.0066 5840 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:49:40.0104 5840 storvsc - ok
18:49:40.0145 5840 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
18:49:40.0165 5840 swenum - ok
18:49:40.0252 5840 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:49:40.0354 5840 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
18:49:40.0354 5840 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
18:49:40.0385 5840 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:49:40.0484 5840 swprv - ok
18:49:40.0584 5840 [ 56890BF9D9204B93042089D4B45AE671 ] SymDS C:\Windows\system32\drivers\N360\0404000.00C\SYMDS.SYS
18:49:40.0690 5840 SymDS - ok
18:49:40.0735 5840 [ 10BA64273FEFF4DF0A7CCB0FF3B9B26B ] SymEFA C:\Windows\system32\drivers\N360\0404000.00C\SYMEFA.SYS
18:49:40.0802 5840 SymEFA - ok
18:49:40.0842 5840 [ 961B48B86F94D4CC8CEB483F8AA89374 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
18:49:40.0933 5840 SymEvent - ok
18:49:40.0967 5840 [ DC80FBF0A348E54853EF82EED4E11E35 ] SymIRON C:\Windows\system32\drivers\N360\0404000.00C\Ironx86.SYS
18:49:41.0020 5840 SymIRON - ok
18:49:41.0033 5840 [ B501D61792D8355EAE7EB4F7449A9D99 ] SYMTDIv C:\Windows\System32\Drivers\N360\0404000.00C\SYMTDIV.SYS
18:49:41.0101 5840 SYMTDIv - ok
18:49:41.0118 5840 Synth3dVsc - ok
18:49:41.0172 5840 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
18:49:41.0262 5840 SysMain - ok
18:49:41.0289 5840 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:49:41.0379 5840 TabletInputService - ok
18:49:41.0420 5840 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\Windows\system32\DRIVERS\taphss.sys
18:49:41.0462 5840 taphss - ok
18:49:41.0531 5840 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
18:49:41.0608 5840 TapiSrv - ok
18:49:41.0631 5840 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:49:41.0708 5840 TBS - ok
18:49:41.0772 5840 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:49:41.0884 5840 Tcpip - ok
18:49:41.0924 5840 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:49:41.0972 5840 TCPIP6 - ok
18:49:41.0999 5840 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:49:42.0031 5840 tcpipreg - ok
18:49:42.0067 5840 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:49:42.0114 5840 TDPIPE - ok
18:49:42.0124 5840 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:49:42.0162 5840 TDTCP - ok
18:49:42.0196 5840 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:49:42.0291 5840 tdx - ok
18:49:42.0336 5840 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:49:42.0404 5840 TermDD - ok
18:49:42.0450 5840 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
18:49:42.0565 5840 TermService - ok
18:49:42.0618 5840 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:49:42.0658 5840 Themes - ok
18:49:42.0674 5840 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:49:42.0708 5840 THREADORDER - ok
18:49:42.0732 5840 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:49:42.0787 5840 TrkWks - ok
18:49:42.0843 5840 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:49:42.0907 5840 TrustedInstaller - ok
18:49:42.0942 5840 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:49:43.0021 5840 tssecsrv - ok
18:49:43.0059 5840 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:49:43.0150 5840 TsUsbFlt - ok
18:49:43.0153 5840 tsusbhub - ok
18:49:43.0187 5840 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:49:43.0224 5840 tunnel - ok
18:49:43.0255 5840 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:49:43.0283 5840 uagp35 - ok
18:49:43.0299 5840 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:49:43.0330 5840 udfs - ok
18:49:43.0349 5840 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:49:43.0379 5840 UI0Detect - ok
18:49:43.0401 5840 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:49:43.0432 5840 uliagpkx - ok
18:49:43.0466 5840 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
18:49:43.0533 5840 umbus - ok
18:49:43.0537 5840 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:49:43.0564 5840 UmPass - ok
18:49:43.0598 5840 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
18:49:43.0655 5840 UmRdpService - ok
18:49:43.0705 5840 [ B097EBA0E3FEB020BB65FE43AF5ECCFF ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:49:43.0803 5840 UNS - ok
18:49:43.0838 5840 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:49:43.0923 5840 upnphost - ok
18:49:43.0967 5840 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:49:44.0024 5840 usbccgp - ok
18:49:44.0054 5840 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:49:44.0094 5840 usbcir - ok
18:49:44.0131 5840 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:49:44.0169 5840 usbehci - ok
18:49:44.0208 5840 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:49:44.0275 5840 usbhub - ok
18:49:44.0311 5840 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:49:44.0336 5840 usbohci - ok
18:49:44.0372 5840 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:49:44.0399 5840 usbprint - ok
18:49:44.0440 5840 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:49:44.0488 5840 usbscan - ok
18:49:44.0530 5840 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:49:44.0600 5840 USBSTOR - ok
18:49:44.0641 5840 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:49:44.0664 5840 usbuhci - ok
18:49:44.0711 5840 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:49:44.0748 5840 usbvideo - ok
18:49:44.0768 5840 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:49:44.0800 5840 UxSms - ok
18:49:44.0822 5840 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
18:49:44.0854 5840 VaultSvc - ok
18:49:44.0906 5840 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:49:44.0954 5840 vdrvroot - ok
18:49:44.0987 5840 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
18:49:45.0052 5840 vds - ok
18:49:45.0082 5840 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:49:45.0107 5840 vga - ok
18:49:45.0129 5840 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:49:45.0160 5840 VgaSave - ok
18:49:45.0175 5840 VGPU - ok
18:49:45.0196 5840 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:49:45.0222 5840 vhdmp - ok
18:49:45.0248 5840 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:49:45.0300 5840 viaagp - ok
18:49:45.0303 5840 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
18:49:45.0332 5840 ViaC7 - ok
18:49:45.0373 5840 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
18:49:45.0408 5840 viaide - ok
18:49:45.0430 5840 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:49:45.0508 5840 vmbus - ok
18:49:45.0520 5840 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:49:45.0542 5840 VMBusHID - ok
18:49:45.0577 5840 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:49:45.0604 5840 volmgr - ok
18:49:45.0630 5840 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:49:45.0657 5840 volmgrx - ok
18:49:45.0684 5840 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:49:45.0777 5840 volsnap - ok
18:49:45.0798 5840 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:49:45.0861 5840 vsmraid - ok
18:49:45.0914 5840 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
18:49:45.0992 5840 VSS - ok
18:49:46.0020 5840 vtany - ok
18:49:46.0024 5840 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:49:46.0048 5840 vwifibus - ok
18:49:46.0083 5840 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:49:46.0150 5840 W32Time - ok
18:49:46.0175 5840 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:49:46.0197 5840 WacomPen - ok
18:49:46.0232 5840 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:49:46.0275 5840 WANARP - ok
18:49:46.0280 5840 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:49:46.0319 5840 Wanarpv6 - ok
18:49:46.0405 5840 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
18:49:46.0509 5840 wbengine - ok
18:49:46.0525 5840 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:49:46.0584 5840 WbioSrvc - ok
18:49:46.0615 5840 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:49:46.0665 5840 wcncsvc - ok
18:49:46.0695 5840 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:49:46.0778 5840 WcsPlugInService - ok
18:49:46.0807 5840 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:49:46.0845 5840 Wd - ok
18:49:46.0851 5840 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:49:46.0910 5840 Wdf01000 - ok
18:49:46.0930 5840 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:49:47.0027 5840 WdiServiceHost - ok
18:49:47.0051 5840 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:49:47.0078 5840 WdiSystemHost - ok
18:49:47.0130 5840 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
18:49:47.0203 5840 WebClient - ok
18:49:47.0231 5840 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:49:47.0283 5840 Wecsvc - ok
18:49:47.0295 5840 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:49:47.0373 5840 wercplsupport - ok
18:49:47.0403 5840 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:49:47.0456 5840 WerSvc - ok
18:49:47.0495 5840 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:49:47.0528 5840 WfpLwf - ok
18:49:47.0551 5840 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:49:47.0603 5840 WIMMount - ok
18:49:47.0683 5840 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:49:47.0777 5840 WinDefend - ok
18:49:47.0782 5840 WinHttpAutoProxySvc - ok
18:49:47.0834 5840 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:49:47.0895 5840 Winmgmt - ok
18:49:47.0975 5840 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys
18:49:48.0021 5840 WinRing0_1_2_0 - ok
18:49:48.0076 5840 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
18:49:48.0147 5840 WinRM - ok
18:49:48.0226 5840 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:49:48.0297 5840 WinUsb - ok
18:49:48.0321 5840 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:49:48.0404 5840 Wlansvc - ok
18:49:48.0485 5840 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:49:48.0550 5840 wlcrasvc - ok
18:49:48.0743 5840 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:49:48.0897 5840 wlidsvc - ok
18:49:48.0932 5840 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:49:48.0976 5840 WmiAcpi - ok
18:49:49.0006 5840 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:49:49.0054 5840 wmiApSrv - ok
18:49:49.0105 5840 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:49:49.0215 5840 WMPNetworkSvc - ok
18:49:49.0236 5840 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:49:49.0309 5840 WPCSvc - ok
18:49:49.0332 5840 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:49:49.0396 5840 WPDBusEnum - ok
18:49:49.0446 5840 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:49:49.0482 5840 ws2ifsl - ok
18:49:49.0505 5840 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:49:49.0554 5840 wscsvc - ok
18:49:49.0557 5840 WSearch - ok
18:49:49.0645 5840 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:49:49.0842 5840 wuauserv - ok
18:49:49.0869 5840 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:49:49.0941 5840 WudfPf - ok
18:49:49.0996 5840 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:49:50.0038 5840 WUDFRd - ok
18:49:50.0084 5840 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:49:50.0130 5840 wudfsvc - ok
18:49:50.0151 5840 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:49:50.0258 5840 WwanSvc - ok
18:49:50.0262 5840 xhunter1 - ok
18:49:50.0314 5840 [ 66D3C0BAF4F0D83E974F3BF426C0DE7D ] xsherlock C:\Windows\system32\xsherlock.xem
18:49:55.0178 5840 xsherlock - ok
18:49:55.0196 5840 ================ Scan global ===============================
18:49:55.0228 5840 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:49:55.0275 5840 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
18:49:55.0284 5840 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
18:49:55.0321 5840 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:49:55.0344 5840 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:49:55.0349 5840 [Global] - ok
18:49:55.0349 5840 ================ Scan MBR ==================================
18:49:55.0363 5840 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:49:55.0758 5840 \Device\Harddisk0\DR0 - ok
18:49:55.0758 5840 ================ Scan VBR ==================================
18:49:55.0760 5840 [ F1E3BDA37369ECDA97FFEB0ADDCAACBC ] \Device\Harddisk0\DR0\Partition1
18:49:55.0761 5840 \Device\Harddisk0\DR0\Partition1 - ok
18:49:55.0785 5840 [ 031854648E124628B373C8D21B1796B3 ] \Device\Harddisk0\DR0\Partition2
18:49:55.0786 5840 \Device\Harddisk0\DR0\Partition2 - ok
18:49:55.0787 5840 ============================================================
18:49:55.0787 5840 Scan finished
18:49:55.0787 5840 ============================================================
18:49:55.0794 3876 Detected object count: 3
18:49:55.0794 3876 Actual detected object count: 3
18:51:43.0999 3876 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:51:43.0999 3876 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:51:44.0001 3876 mi-raysat_3dsmax2010_32 ( UnsignedFile.Multi.Generic ) - skipped by user
18:51:44.0001 3876 mi-raysat_3dsmax2010_32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:51:44.0002 3876 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
18:51:44.0002 3876 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip



-----
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP