Hi Ron,
Thanks for your quick response and comprehensive instructions. I very much appreciate it.
First, I agree. My ISP's tech support person didn't know what she was talking about.
Now, here are the results of following your instructions...
I removed old version and updated Java and turned it off in my browsers.
Upgraded Acrobat Reader.
Eliminated Skype toolbars.
Could not find Yahoo! Detect.
Ran adwCleaner. Here's the log:
# AdwCleaner v2.004 - Logfile created 10/11/2012 at 13:04:37
# Updated 06/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Carl - HOME-135978DFB9
# Boot Mode : Normal
# Running from : C:\swsetup\AdWare Cleaner\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\DOCUME~1\Carl\LOCALS~1\Temp\Zynga
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\Carl\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\Carl\Local Settings\Application Data\Conduit
***** [Registry] *****
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Mozilla Firefox v9.0.1 (en-US)
Profile name : default
File : C:\Documents and Settings\Carl\Application Data\Mozilla\Firefox\Profiles\12cgt0l3.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v22.0.1229.92
File : C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [2285 octets] - [11/10/2012 13:04:37]
########## EOF - C:\AdwCleaner[S1].txt - [2345 octets] ##########
Updated Avast and ran boot time scan. Here's the log:
10/11/2012 13:54
Scan of all local drives
File C:\1754 rabinowitz\swsetup\MusicMatch Jukebox\mmsetup_10002058b_CNET.exe|>TDM\TDMInstall.exe|>Wise0010.bin Error 42145 {Installer archive is corrupted.}
File C:\swsetup\FinePrint\file4.RB0|>svl-fpuk.exe is infected by Win32:Malware-gen, Moved to chest
File C:\swsetup\FinePrint\file4.zip|>svl-fpuk.exe is infected by Win32:Malware-gen, Moved to chest
File C:\swsetup\FinePrint\svl-fpuk.exe is infected by Win32:Malware-gen, Moved to chest
File C:\swsetup\KB934428\WindowsXP-KB934428-v3-x86-ENU.exe|>_sfx_0001._p Error 42127 {CAB archive is corrupted.}
File C:\System Volume Information\_restore{3296356D-0865-45F9-B18C-2496BB0CD7E0}\RP656\A0131949.exe is infected by Win32:Malware-gen, Moved to chest
File C:\WINDOWS\SoftwareDistribution\Download\b8bbc23bc34bb0dbd64afcad0544484e\BIT17.tmp|>hpc3530c.cab|>HPCHL093.CAB|>hpccs093.chm Error 42127 {CAB archive is corrupted.}
File C:\WINDOWS\SoftwareDistribution\Download\b8bbc23bc34bb0dbd64afcad0544484e\BIT17.tmp|>hpc3530c.cab|>HPCHL093.CAB Error 42127 {CAB archive is corrupted.}
File C:\WINDOWS\SoftwareDistribution\Download\b8bbc23bc34bb0dbd64afcad0544484e\BIT17.tmp|>hpc3530c.cab Error 42127 {CAB archive is corrupted.}
Number of searched folders: 9974
Number of tested files: 887396
Number of infected files: 4
Installed Online Armor firewall (after disabling Windows Firewall)
Downloaded and ran aswMBR. I followed your instructions exactly but it would not permit me to save the log. I received a message saying the Desktop was inaccessible. I pressed the Save Log button, but the log would not save no matter where I tried to put it.
ComboFix would not run. I suspect that the problem was that Online Armor was enabled at first.
The TDSSkiller log is here:
20:11:29.0203 3900 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:11:29.0593 3900 ============================================================
20:11:29.0593 3900 Current date / time: 2012/10/11 20:11:29.0593
20:11:29.0593 3900 SystemInfo:
20:11:29.0593 3900
20:11:29.0593 3900 OS Version: 5.1.2600 ServicePack: 3.0
20:11:29.0593 3900 Product type: Workstation
20:11:29.0593 3900 ComputerName: HOME-135978DFB9
20:11:29.0593 3900 UserName: Carl
20:11:29.0593 3900 Windows directory: C:\WINDOWS
20:11:29.0593 3900 System windows directory: C:\WINDOWS
20:11:29.0593 3900 Processor architecture: Intel x86
20:11:29.0593 3900 Number of processors: 1
20:11:29.0593 3900 Page size: 0x1000
20:11:29.0593 3900 Boot type: Normal boot
20:11:29.0593 3900 ============================================================
20:11:31.0281 3900 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:11:31.0281 3900 Drive \Device\Harddisk1\DR2 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:11:31.0281 3900 ============================================================
20:11:31.0281 3900 \Device\Harddisk0\DR0:
20:11:31.0281 3900 MBR partitions:
20:11:31.0281 3900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
20:11:31.0281 3900 \Device\Harddisk1\DR2:
20:11:31.0281 3900 MBR partitions:
20:11:31.0281 3900 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6FC7C41
20:11:31.0281 3900 ============================================================
20:11:31.0328 3900 C: <-> \Device\Harddisk0\DR0\Partition1
20:11:31.0718 3900 F: <-> \Device\Harddisk1\DR2\Partition1
20:11:31.0718 3900 ============================================================
20:11:31.0718 3900 Initialize success
20:11:31.0718 3900 ============================================================
20:11:50.0640 3332 ============================================================
20:11:50.0640 3332 Scan started
20:11:50.0640 3332 Mode: Manual;
20:11:50.0640 3332 ============================================================
20:11:51.0437 3332 ================ Scan system memory ========================
20:11:51.0453 3332 System memory - ok
20:11:51.0468 3332 ================ Scan services =============================
20:11:51.0687 3332 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
20:11:51.0687 3332 Aavmker4 - ok
20:11:51.0703 3332 Abiosdsk - ok
20:11:51.0718 3332 abp480n5 - ok
20:11:51.0796 3332 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:11:51.0796 3332 ACPI - ok
20:11:51.0828 3332 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:11:51.0828 3332 ACPIEC - ok
20:11:51.0937 3332 [ 09951DD226E17A62FED1178404846D02 ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
20:11:51.0937 3332 AcrSch2Svc - ok
20:11:51.0968 3332 adpu160m - ok
20:11:51.0984 3332 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:11:51.0984 3332 aec - ok
20:11:52.0046 3332 [ 2C5C22990156A1063E19AD162191DC1D ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
20:11:52.0046 3332 AegisP - ok
20:11:52.0109 3332 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:11:52.0125 3332 AFD - ok
20:11:52.0140 3332 Aha154x - ok
20:11:52.0156 3332 aic78u2 - ok
20:11:52.0187 3332 aic78xx - ok
20:11:52.0234 3332 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:11:52.0234 3332 Alerter - ok
20:11:52.0265 3332 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
20:11:52.0265 3332 ALG - ok
20:11:52.0281 3332 AliIde - ok
20:11:52.0343 3332 [ A2D5F093F9CB160C183C77015704F156 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
20:11:52.0343 3332 AmdK8 - ok
20:11:52.0359 3332 amsint - ok
20:11:52.0468 3332 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:11:52.0484 3332 Apple Mobile Device - ok
20:11:52.0500 3332 AppMgmt - ok
20:11:52.0546 3332 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:11:52.0546 3332 Arp1394 - ok
20:11:52.0562 3332 asc - ok
20:11:52.0578 3332 asc3350p - ok
20:11:52.0593 3332 asc3550 - ok
20:11:52.0750 3332 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:11:52.0765 3332 aspnet_state - ok
20:11:52.0828 3332 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
20:11:52.0828 3332 aswFsBlk - ok
20:11:52.0859 3332 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
20:11:52.0859 3332 aswMon2 - ok
20:11:52.0921 3332 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
20:11:52.0921 3332 AswRdr - ok
20:11:52.0984 3332 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
20:11:53.0031 3332 aswSnx - ok
20:11:53.0062 3332 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
20:11:53.0078 3332 aswSP - ok
20:11:53.0109 3332 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
20:11:53.0109 3332 aswTdi - ok
20:11:53.0125 3332 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:11:53.0125 3332 AsyncMac - ok
20:11:53.0156 3332 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:11:53.0156 3332 atapi - ok
20:11:53.0171 3332 Atdisk - ok
20:11:53.0234 3332 [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
20:11:53.0250 3332 Ati HotKey Poller - ok
20:11:53.0343 3332 [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:11:53.0484 3332 ati2mtag - ok
20:11:54.0343 3332 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:11:54.0343 3332 Atmarpc - ok
20:11:54.0390 3332 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:11:54.0390 3332 AudioSrv - ok
20:11:54.0437 3332 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:11:54.0437 3332 audstub - ok
20:11:54.0515 3332 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:11:54.0515 3332 avast! Antivirus - ok
20:11:54.0609 3332 [ 37F385A93C620CBE0F89C17E45F697A1 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
20:11:54.0656 3332 BCM43XX - ok
20:11:54.0703 3332 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:11:54.0703 3332 Beep - ok
20:11:54.0765 3332 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
20:11:54.0812 3332 BITS - ok
20:11:54.0890 3332 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:11:54.0921 3332 Bonjour Service - ok
20:11:54.0968 3332 [ 4BA311473E0D8557827E6F2FE33A8095 ] brfilt C:\WINDOWS\system32\Drivers\Brfilt.sys
20:11:54.0968 3332 brfilt - ok
20:11:55.0015 3332 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
20:11:55.0015 3332 Browser - ok
20:11:55.0046 3332 [ 8E06CD96E00472C03770A697D04031C0 ] BrSerWDM C:\WINDOWS\system32\Drivers\BrSerWdm.sys
20:11:55.0046 3332 BrSerWDM - ok
20:11:55.0078 3332 [ 37E2D0B12DDF536CD64AF6EB3B580EF8 ] BrUsbMdm C:\WINDOWS\system32\Drivers\BrUsbMdm.sys
20:11:55.0078 3332 BrUsbMdm - ok
20:11:55.0125 3332 [ 1C5F014048E5B2748C1A8AD297C50B6F ] BrUsbScn C:\WINDOWS\system32\Drivers\BrUsbScn.sys
20:11:55.0125 3332 BrUsbScn - ok
20:11:55.0187 3332 [ 23913C28AC89875BBFA03BCCDC3A41E5 ] CAMCAUD C:\WINDOWS\system32\drivers\camc6aud.sys
20:11:55.0187 3332 CAMCAUD - ok
20:11:55.0218 3332 [ E6EDB12A44DAFCEF05DBDDF3ED652388 ] CAMCHALA C:\WINDOWS\system32\drivers\camc6hal.sys
20:11:55.0234 3332 CAMCHALA - ok
20:11:55.0281 3332 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:11:55.0281 3332 cbidf2k - ok
20:11:55.0296 3332 cd20xrnt - ok
20:11:55.0343 3332 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:11:55.0343 3332 Cdaudio - ok
20:11:55.0375 3332 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:11:55.0390 3332 Cdfs - ok
20:11:55.0437 3332 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:11:55.0453 3332 Cdrom - ok
20:11:55.0468 3332 Changer - ok
20:11:55.0515 3332 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:11:55.0515 3332 CiSvc - ok
20:11:55.0562 3332 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:11:55.0578 3332 ClipSrv - ok
20:11:55.0625 3332 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:11:55.0687 3332 clr_optimization_v2.0.50727_32 - ok
20:11:55.0718 3332 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:11:55.0718 3332 CmBatt - ok
20:11:55.0750 3332 CmdIde - ok
20:11:55.0765 3332 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:11:55.0765 3332 Compbatt - ok
20:11:55.0781 3332 COMSysApp - ok
20:11:55.0812 3332 Cpqarray - ok
20:11:55.0921 3332 [ 75FA19142531CBF490770C2988A7DB64 ] cpuz134 C:\swsetup\PCWizard\pc-wizard_2010.1.961\pcwiz_x32.sys
20:11:55.0921 3332 cpuz134 - ok
20:11:55.0968 3332 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:11:55.0984 3332 CryptSvc - ok
20:11:56.0000 3332 dac2w2k - ok
20:11:56.0015 3332 dac960nt - ok
20:11:56.0078 3332 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:11:56.0109 3332 DcomLaunch - ok
20:11:56.0171 3332 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:11:56.0171 3332 Dhcp - ok
20:11:56.0218 3332 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:11:56.0218 3332 Disk - ok
20:11:56.0234 3332 dmadmin - ok
20:11:56.0296 3332 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:11:56.0328 3332 dmboot - ok
20:11:56.0390 3332 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:11:56.0390 3332 dmio - ok
20:11:56.0453 3332 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:11:56.0453 3332 dmload - ok
20:11:56.0500 3332 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:11:56.0515 3332 dmserver - ok
20:11:56.0546 3332 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:11:56.0546 3332 DMusic - ok
20:11:56.0609 3332 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:11:56.0609 3332 Dnscache - ok
20:11:56.0656 3332 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
20:11:56.0671 3332 Dot3svc - ok
20:11:56.0687 3332 dpti2o - ok
20:11:56.0718 3332 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:11:56.0718 3332 drmkaud - ok
20:11:56.0781 3332 [ 1FC1EED3EA0C3A0ECF8A95B97E1B4831 ] dvd43llh C:\WINDOWS\system32\DRIVERS\dvd43llh.sys
20:11:56.0781 3332 dvd43llh - ok
20:11:56.0828 3332 [ 81B7808D3B5892388F33273119C2DC31 ] eabfiltr C:\WINDOWS\system32\drivers\EABFiltr.sys
20:11:56.0828 3332 eabfiltr - ok
20:11:56.0859 3332 [ 1BA14DA377B66278335D4B9E8824CD42 ] eabusb C:\WINDOWS\system32\drivers\eabusb.sys
20:11:56.0859 3332 eabusb - ok
20:11:56.0906 3332 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:11:56.0906 3332 EapHost - ok
20:11:56.0968 3332 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:11:56.0968 3332 ERSvc - ok
20:11:57.0015 3332 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
20:11:57.0046 3332 Eventlog - ok
20:11:57.0109 3332 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
20:11:57.0125 3332 EventSystem - ok
20:11:57.0171 3332 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:11:57.0187 3332 Fastfat - ok
20:11:57.0250 3332 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:11:57.0265 3332 FastUserSwitchingCompatibility - ok
20:11:57.0296 3332 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
20:11:57.0296 3332 Fdc - ok
20:11:57.0328 3332 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:11:57.0328 3332 Fips - ok
20:11:57.0375 3332 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
20:11:57.0375 3332 Flpydisk - ok
20:11:57.0437 3332 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:11:57.0437 3332 FltMgr - ok
20:11:57.0531 3332 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:11:57.0531 3332 FontCache3.0.0.0 - ok
20:11:57.0562 3332 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:11:57.0562 3332 Fs_Rec - ok
20:11:57.0578 3332 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:11:57.0593 3332 Ftdisk - ok
20:11:57.0609 3332 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:11:57.0625 3332 GEARAspiWDM - ok
20:11:57.0640 3332 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:11:57.0640 3332 Gpc - ok
20:11:57.0718 3332 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:11:57.0734 3332 gupdate - ok
20:11:57.0765 3332 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:11:57.0765 3332 gupdatem - ok
20:11:57.0843 3332 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:11:57.0843 3332 helpsvc - ok
20:11:57.0875 3332 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
20:11:57.0875 3332 HidServ - ok
20:11:57.0906 3332 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:11:57.0906 3332 hidusb - ok
20:11:57.0968 3332 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:11:57.0968 3332 hkmsvc - ok
20:11:58.0078 3332 [ C5F00D15AA15CB7F55A027FF75E44BB7 ] HP Port Resolver C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
20:11:58.0078 3332 HP Port Resolver - ok
20:11:58.0140 3332 [ C5A288E4CEEF5A26D105117BAA3763AB ] HP Status Server C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
20:11:58.0140 3332 HP Status Server - ok
20:11:58.0156 3332 hpn - ok
20:11:58.0234 3332 [ 61556FA814F907BCED618B64DA66212A ] hpqwmi C:\Program Files\HPQ\shared\hpqwmi.exe
20:11:58.0234 3332 hpqwmi - ok
20:11:58.0296 3332 [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
20:11:58.0296 3332 HPZid412 - ok
20:11:58.0312 3332 [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
20:11:58.0312 3332 HPZipr12 - ok
20:11:58.0375 3332 [ 7AC43C38CA8FD7ED0B0A4466F753E06E ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
20:11:58.0375 3332 HPZius12 - ok
20:11:58.0437 3332 [ 13D4B70BF2F9BC550E9079DA864D3EC1 ] HSFHWATI C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
20:11:58.0437 3332 HSFHWATI - ok
20:11:58.0531 3332 [ DFA8F86C0DBCA7DB948043AA3BE6793B ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
20:11:58.0562 3332 HSF_DP - ok
20:11:58.0625 3332 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:11:58.0640 3332 HTTP - ok
20:11:58.0687 3332 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:11:58.0703 3332 HTTPFilter - ok
20:11:58.0718 3332 i2omgmt - ok
20:11:58.0734 3332 i2omp - ok
20:11:58.0796 3332 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:11:58.0796 3332 i8042prt - ok
20:11:58.0921 3332 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:11:58.0953 3332 idsvc - ok
20:11:59.0015 3332 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:11:59.0015 3332 Imapi - ok
20:11:59.0078 3332 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:11:59.0093 3332 ImapiService - ok
20:11:59.0109 3332 ini910u - ok
20:11:59.0140 3332 IntelIde - ok
20:11:59.0203 3332 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
20:11:59.0203 3332 Ip6Fw - ok
20:11:59.0234 3332 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:11:59.0234 3332 IpFilterDriver - ok
20:11:59.0281 3332 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:11:59.0281 3332 IpInIp - ok
20:11:59.0312 3332 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:11:59.0312 3332 IpNat - ok
20:11:59.0375 3332 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:11:59.0406 3332 iPod Service - ok
20:11:59.0468 3332 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:11:59.0468 3332 IPSec - ok
20:11:59.0500 3332 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:11:59.0500 3332 IRENUM - ok
20:11:59.0546 3332 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:11:59.0546 3332 isapnp - ok
20:11:59.0718 3332 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
20:11:59.0718 3332 JavaQuickStarterService - ok
20:11:59.0750 3332 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:11:59.0765 3332 Kbdclass - ok
20:11:59.0828 3332 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:11:59.0828 3332 kmixer - ok
20:11:59.0875 3332 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:11:59.0875 3332 KSecDD - ok
20:11:59.0937 3332 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:11:59.0953 3332 lanmanserver - ok
20:12:00.0000 3332 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:12:00.0031 3332 lanmanworkstation - ok
20:12:00.0046 3332 lbrtfdc - ok
20:12:00.0109 3332 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:12:00.0109 3332 LmHosts - ok
20:12:00.0140 3332 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
20:12:00.0140 3332 mdmxsdk - ok
20:12:00.0187 3332 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:12:00.0203 3332 Messenger - ok
20:12:00.0234 3332 [ A7DA20AB18A1BDAE28B0F349E57DA0D1 ] mf C:\WINDOWS\system32\DRIVERS\mf.sys
20:12:00.0234 3332 mf - ok
20:12:00.0296 3332 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:12:00.0296 3332 mnmdd - ok
20:12:00.0343 3332 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:12:00.0359 3332 mnmsrvc - ok
20:12:00.0421 3332 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:12:00.0421 3332 Modem - ok
20:12:00.0468 3332 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:12:00.0484 3332 Mouclass - ok
20:12:00.0515 3332 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:12:00.0531 3332 mouhid - ok
20:12:00.0546 3332 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:12:00.0546 3332 MountMgr - ok
20:12:00.0578 3332 mraid35x - ok
20:12:00.0593 3332 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:12:00.0593 3332 MRxDAV - ok
20:12:00.0671 3332 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:12:00.0703 3332 MRxSmb - ok
20:12:00.0765 3332 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:12:00.0765 3332 MSDTC - ok
20:12:00.0796 3332 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:12:00.0796 3332 Msfs - ok
20:12:00.0812 3332 MSIServer - ok
20:12:00.0859 3332 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:12:00.0859 3332 MSKSSRV - ok
20:12:00.0890 3332 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:12:00.0890 3332 MSPCLOCK - ok
20:12:00.0937 3332 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:12:00.0937 3332 MSPQM - ok
20:12:00.0968 3332 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:12:00.0968 3332 mssmbios - ok
20:12:01.0031 3332 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:12:01.0046 3332 Mup - ok
20:12:01.0109 3332 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
20:12:01.0140 3332 napagent - ok
20:12:01.0171 3332 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:12:01.0171 3332 NDIS - ok
20:12:01.0234 3332 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:12:01.0234 3332 NdisTapi - ok
20:12:01.0296 3332 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:12:01.0296 3332 Ndisuio - ok
20:12:01.0328 3332 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:12:01.0328 3332 NdisWan - ok
20:12:01.0359 3332 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:12:01.0359 3332 NDProxy - ok
20:12:01.0406 3332 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:12:01.0406 3332 NetBIOS - ok
20:12:01.0453 3332 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:12:01.0453 3332 NetBT - ok
20:12:01.0515 3332 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
20:12:01.0531 3332 NetDDE - ok
20:12:01.0546 3332 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:12:01.0562 3332 NetDDEdsdm - ok
20:12:01.0625 3332 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:12:01.0625 3332 Netlogon - ok
20:12:01.0703 3332 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
20:12:01.0718 3332 Netman - ok
20:12:01.0765 3332 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:12:01.0781 3332 NetTcpPortSharing - ok
20:12:01.0812 3332 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:12:01.0828 3332 NIC1394 - ok
20:12:01.0890 3332 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
20:12:01.0906 3332 Nla - ok
20:12:01.0968 3332 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:12:01.0968 3332 Npfs - ok
20:12:02.0015 3332 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:12:02.0031 3332 Ntfs - ok
20:12:02.0046 3332 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:12:02.0062 3332 NtLmSsp - ok
20:12:02.0140 3332 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:12:02.0171 3332 NtmsSvc - ok
20:12:02.0203 3332 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:12:02.0203 3332 Null - ok
20:12:02.0250 3332 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:12:02.0250 3332 NwlnkFlt - ok
20:12:02.0281 3332 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:12:02.0281 3332 NwlnkFwd - ok
20:12:02.0421 3332 [ 1A008CBB313F7A6644B883AE1829393B ] OAcat C:\Program Files\Online Armor\OAcat.exe
20:12:02.0421 3332 OAcat - ok
20:12:02.0484 3332 [ C0BA927C3A1A62F2BF664F242D91C082 ] OADevice C:\WINDOWS\system32\drivers\OADriver.sys
20:12:02.0484 3332 OADevice - ok
20:12:02.0531 3332 [ C968369E2BC5F6A8426C1E7D78E33F1B ] oahlpXX C:\WINDOWS\system32\drivers\oahlp32.sys
20:12:02.0531 3332 oahlpXX - ok
20:12:02.0562 3332 [ 04E7E92CD91E61E0CC1BDF849032AD81 ] OAmon C:\WINDOWS\system32\drivers\OAmon.sys
20:12:02.0562 3332 OAmon - ok
20:12:02.0609 3332 [ F3250D94BEE44A0D00939F10830B3563 ] OAnet C:\WINDOWS\system32\drivers\OAnet.sys
20:12:02.0609 3332 OAnet - ok
20:12:02.0640 3332 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:12:02.0656 3332 ohci1394 - ok
20:12:02.0734 3332 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:12:02.0734 3332 ose - ok
20:12:02.0812 3332 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
20:12:02.0828 3332 Parport - ok
20:12:02.0859 3332 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:12:02.0859 3332 PartMgr - ok
20:12:02.0921 3332 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:12:02.0921 3332 ParVdm - ok
20:12:02.0953 3332 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:12:02.0953 3332 PCI - ok
20:12:02.0968 3332 PCIDump - ok
20:12:03.0000 3332 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:12:03.0000 3332 PCIIde - ok
20:12:03.0046 3332 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:12:03.0062 3332 Pcmcia - ok
20:12:03.0109 3332 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
20:12:03.0109 3332 pcouffin - ok
20:12:03.0125 3332 PDCOMP - ok
20:12:03.0156 3332 PDFRAME - ok
20:12:03.0171 3332 PDRELI - ok
20:12:03.0187 3332 PDRFRAME - ok
20:12:03.0203 3332 perc2 - ok
20:12:03.0234 3332 perc2hib - ok
20:12:03.0343 3332 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
20:12:03.0343 3332 PlugPlay - ok
20:12:03.0406 3332 [ D31F88C5F19EEFA366A415D6BC5F2ABC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
20:12:03.0406 3332 Pml Driver HPZ12 - ok
20:12:03.0421 3332 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:12:03.0421 3332 PolicyAgent - ok
20:12:03.0484 3332 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:12:03.0484 3332 PptpMiniport - ok
20:12:03.0500 3332 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
20:12:03.0500 3332 Processor - ok
20:12:03.0515 3332 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:12:03.0531 3332 ProtectedStorage - ok
20:12:03.0578 3332 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:12:03.0578 3332 Ptilink - ok
20:12:03.0609 3332 [ 30CBAE0A34359F1CD19D1576245149ED ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:12:03.0609 3332 PxHelp20 - ok
20:12:03.0625 3332 ql1080 - ok
20:12:03.0640 3332 Ql10wnt - ok
20:12:03.0656 3332 ql12160 - ok
20:12:03.0671 3332 ql1240 - ok
20:12:03.0687 3332 ql1280 - ok
20:12:03.0718 3332 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:12:03.0718 3332 RasAcd - ok
20:12:03.0781 3332 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:12:03.0781 3332 RasAuto - ok
20:12:03.0812 3332 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:12:03.0828 3332 Rasl2tp - ok
20:12:03.0875 3332 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:12:03.0890 3332 RasMan - ok
20:12:03.0906 3332 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:12:03.0921 3332 RasPppoe - ok
20:12:03.0937 3332 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:12:03.0953 3332 Raspti - ok
20:12:04.0000 3332 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:12:04.0015 3332 Rdbss - ok
20:12:04.0031 3332 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:12:04.0031 3332 RDPCDD - ok
20:12:04.0109 3332 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:12:04.0125 3332 RDPWD - ok
20:12:04.0171 3332 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:12:04.0171 3332 RDSessMgr - ok
20:12:04.0203 3332 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:12:04.0203 3332 redbook - ok
20:12:04.0265 3332 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:12:04.0265 3332 RemoteAccess - ok
20:12:04.0312 3332 [ 4F4A4C09CC5BE58A76CAC1C337E004E6 ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
20:12:04.0312 3332 RimUsb - ok
20:12:04.0343 3332 [ 3A5633AD615E2B15291BD0B1B97CCD8A ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
20:12:04.0343 3332 RimVSerPort - ok
20:12:04.0390 3332 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
20:12:04.0390 3332 ROOTMODEM - ok
20:12:04.0453 3332 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
20:12:04.0453 3332 RpcLocator - ok
20:12:04.0500 3332 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:12:04.0515 3332 RpcSs - ok
20:12:04.0546 3332 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:12:04.0546 3332 RSVP - ok
20:12:04.0609 3332 [ 3529828EC571FB2F64F6B142F9109993 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:12:04.0609 3332 RTL8023xp - ok
20:12:04.0656 3332 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:12:04.0671 3332 rtl8139 - ok
20:12:04.0687 3332 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
20:12:04.0687 3332 SamSs - ok
20:12:04.0750 3332 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:12:04.0765 3332 SCardSvr - ok
20:12:04.0812 3332 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:12:04.0828 3332 Schedule - ok
20:12:04.0890 3332 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:12:04.0890 3332 sdbus - ok
20:12:04.0937 3332 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:12:04.0953 3332 Secdrv - ok
20:12:04.0984 3332 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:12:05.0000 3332 seclogon - ok
20:12:05.0062 3332 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
20:12:05.0078 3332 SENS - ok
20:12:05.0125 3332 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
20:12:05.0125 3332 Serial - ok
20:12:05.0156 3332 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:12:05.0171 3332 Sfloppy - ok
20:12:05.0218 3332 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:12:05.0234 3332 SharedAccess - ok
20:12:05.0265 3332 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:12:05.0265 3332 ShellHWDetection - ok
20:12:05.0281 3332 Simbad - ok
20:12:05.0359 3332 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:12:05.0359 3332 SkypeUpdate - ok
20:12:05.0437 3332 [ 5052DBAFC8F4E4507E6AD0D467DD3529 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
20:12:05.0437 3332 snapman - ok
20:12:05.0437 3332 Sparrow - ok
20:12:05.0500 3332 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:12:05.0500 3332 splitter - ok
20:12:05.0562 3332 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:12:05.0562 3332 Spooler - ok
20:12:05.0593 3332 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:12:05.0593 3332 sr - ok
20:12:05.0640 3332 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
20:12:05.0656 3332 srservice - ok
20:12:05.0718 3332 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:12:05.0734 3332 Srv - ok
20:12:05.0796 3332 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:12:05.0796 3332 SSDPSRV - ok
20:12:05.0859 3332 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:12:05.0875 3332 stisvc - ok
20:12:06.0078 3332 [ A54B4FBC24C4EDE34BEB5F8D8974752A ] SvcOnlineArmor C:\Program Files\Online Armor\oasrv.exe
20:12:06.0218 3332 SvcOnlineArmor - ok
20:12:06.0265 3332 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:12:06.0265 3332 swenum - ok
20:12:06.0296 3332 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:12:06.0296 3332 swmidi - ok
20:12:06.0328 3332 SwPrv - ok
20:12:06.0343 3332 symc810 - ok
20:12:06.0375 3332 symc8xx - ok
20:12:06.0390 3332 sym_hi - ok
20:12:06.0406 3332 sym_u3 - ok
20:12:06.0515 3332 [ 0F332C0BA9B968EBC8CBB906416F8597 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:12:06.0531 3332 SynTP - ok
20:12:06.0562 3332 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:12:06.0562 3332 sysaudio - ok
20:12:06.0625 3332 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:12:06.0640 3332 SysmonLog - ok
20:12:06.0687 3332 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:12:06.0718 3332 TapiSrv - ok
20:12:06.0796 3332 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:12:06.0812 3332 Tcpip - ok
20:12:06.0875 3332 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:12:06.0875 3332 TDPIPE - ok
20:12:06.0921 3332 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:12:06.0921 3332 TDTCP - ok
20:12:06.0984 3332 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:12:06.0984 3332 TermDD - ok
20:12:07.0031 3332 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
20:12:07.0078 3332 TermService - ok
20:12:07.0125 3332 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
20:12:07.0140 3332 Themes - ok
20:12:07.0203 3332 [ E4C85C291DDB3DC5E4A2F227CA465BA6 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
20:12:07.0203 3332 tifm21 - ok
20:12:07.0265 3332 [ B84B82C0CBEB1B0D7EB7A946BADE5830 ] tifsfilter C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
20:12:07.0265 3332 tifsfilter - ok
20:12:07.0343 3332 [ 74711884439BDF9CCF446C79CB05FAC0 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
20:12:07.0359 3332 timounter - ok
20:12:07.0375 3332 TosIde - ok
20:12:07.0421 3332 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:12:07.0437 3332 TrkWks - ok
20:12:07.0468 3332 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:12:07.0484 3332 Udfs - ok
20:12:07.0500 3332 ultra - ok
20:12:07.0578 3332 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:12:07.0593 3332 Update - ok
20:12:07.0640 3332 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:12:07.0656 3332 upnphost - ok
20:12:07.0687 3332 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
20:12:07.0703 3332 UPS - ok
20:12:07.0750 3332 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:12:07.0750 3332 usbaudio - ok
20:12:07.0812 3332 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:12:07.0812 3332 usbccgp - ok
20:12:07.0828 3332 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:12:07.0843 3332 usbehci - ok
20:12:07.0890 3332 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:12:07.0890 3332 usbhub - ok
20:12:07.0953 3332 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:12:07.0953 3332 usbohci - ok
20:12:07.0984 3332 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:12:07.0984 3332 usbprint - ok
20:12:08.0031 3332 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:12:08.0031 3332 usbscan - ok
20:12:08.0062 3332 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:12:08.0062 3332 USBSTOR - ok
20:12:08.0109 3332 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:12:08.0125 3332 VgaSave - ok
20:12:08.0140 3332 ViaIde - ok
20:12:08.0187 3332 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:12:08.0187 3332 VolSnap - ok
20:12:08.0281 3332 [ F7035815C23DF5DAD8A686C1CDA20F3E ] vsc32 C:\WINDOWS\system32\DRIVERS\vsc.sys
20:12:08.0312 3332 vsc32 - ok
20:12:08.0375 3332 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
20:12:08.0421 3332 VSS - ok
20:12:08.0468 3332 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
20:12:08.0500 3332 W32Time - ok
20:12:08.0562 3332 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:12:08.0578 3332 Wanarp - ok
20:12:08.0625 3332 [ 56242D5BE3BFC8F2A212E6D1F9A16697 ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
20:12:08.0625 3332 wceusbsh - ok
20:12:08.0671 3332 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
20:12:08.0687 3332 Wdf01000 - ok
20:12:08.0718 3332 WDICA - ok
20:12:08.0765 3332 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:12:08.0765 3332 wdmaud - ok
20:12:08.0828 3332 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:12:08.0843 3332 WebClient - ok
20:12:08.0921 3332 [ 473EE64C368CE2EED110376C11960259 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
20:12:08.0968 3332 winachsf - ok
20:12:09.0062 3332 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:12:09.0062 3332 winmgmt - ok
20:12:09.0203 3332 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:12:09.0250 3332 wlidsvc - ok
20:12:09.0265 3332 wltrysvc - ok
20:12:09.0343 3332 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:12:09.0359 3332 WmdmPmSN - ok
20:12:09.0421 3332 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:12:09.0421 3332 WmiAcpi - ok
20:12:09.0468 3332 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:12:09.0468 3332 WmiApSrv - ok
20:12:09.0593 3332 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:12:09.0625 3332 WMPNetworkSvc - ok
20:12:09.0687 3332 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:12:09.0703 3332 wscsvc - ok
20:12:09.0765 3332 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:12:09.0781 3332 wuauserv - ok
20:12:09.0843 3332 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:12:09.0843 3332 WudfPf - ok
20:12:09.0875 3332 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:12:09.0875 3332 WudfRd - ok
20:12:09.0937 3332 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:12:09.0953 3332 WudfSvc - ok
20:12:10.0015 3332 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:12:10.0062 3332 WZCSVC - ok
20:12:10.0109 3332 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:12:10.0140 3332 xmlprov - ok
20:12:10.0156 3332 ================ Scan global ===============================
20:12:10.0203 3332 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:12:10.0250 3332 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:12:10.0312 3332 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:12:10.0343 3332 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:12:10.0359 3332 [Global] - ok
20:12:10.0359 3332 ================ Scan MBR ==================================
20:12:10.0390 3332 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:12:10.0625 3332 \Device\Harddisk0\DR0 - ok
20:12:10.0640 3332 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
20:12:10.0640 3332 \Device\Harddisk1\DR2 - ok
20:12:10.0656 3332 ================ Scan VBR ==================================
20:12:10.0656 3332 [ A28339583333C22573F5164FDDB3CC2B ] \Device\Harddisk0\DR0\Partition1
20:12:10.0656 3332 \Device\Harddisk0\DR0\Partition1 - ok
20:12:10.0671 3332 [ 3F2488EA63247D81C3AC1191208176F8 ] \Device\Harddisk1\DR2\Partition1
20:12:10.0687 3332 \Device\Harddisk1\DR2\Partition1 - ok
20:12:10.0687 3332 ============================================================
20:12:10.0687 3332 Scan finished
20:12:10.0687 3332 ============================================================
20:12:10.0718 2652 Detected object count: 0
20:12:10.0718 2652 Actual detected object count: 0
20:13:40.0015 1632 ============================================================
20:13:40.0015 1632 Scan started
20:13:40.0015 1632 Mode: Manual; SigCheck; TDLFS;
20:13:40.0015 1632 ============================================================
20:13:40.0640 1632 ================ Scan system memory ========================
20:13:40.0656 1632 System memory - ok
20:13:40.0671 1632 ================ Scan services =============================
20:13:40.0828 1632 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
20:13:41.0093 1632 Aavmker4 - ok
20:13:41.0109 1632 Abiosdsk - ok
20:13:41.0125 1632 abp480n5 - ok
20:13:41.0203 1632 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:13:42.0015 1632 ACPI - ok
20:13:42.0031 1632 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:13:42.0203 1632 ACPIEC - ok
20:13:42.0296 1632 [ 09951DD226E17A62FED1178404846D02 ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
20:13:42.0359 1632 AcrSch2Svc ( UnsignedFile.Multi.Generic ) - warning
20:13:42.0359 1632 AcrSch2Svc - detected UnsignedFile.Multi.Generic (1)
20:13:42.0375 1632 adpu160m - ok
20:13:42.0406 1632 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:13:42.0625 1632 aec - ok
20:13:42.0718 1632 [ 2C5C22990156A1063E19AD162191DC1D ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
20:13:42.0750 1632 AegisP ( UnsignedFile.Multi.Generic ) - warning
20:13:42.0750 1632 AegisP - detected UnsignedFile.Multi.Generic (1)
20:13:42.0812 1632 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:13:42.0828 1632 AFD - ok
20:13:42.0843 1632 Aha154x - ok
20:13:42.0859 1632 aic78u2 - ok
20:13:42.0875 1632 aic78xx - ok
20:13:42.0921 1632 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:13:43.0109 1632 Alerter - ok
20:13:43.0140 1632 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
20:13:43.0218 1632 ALG - ok
20:13:43.0234 1632 AliIde - ok
20:13:43.0281 1632 [ A2D5F093F9CB160C183C77015704F156 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
20:13:43.0328 1632 AmdK8 - ok
20:13:43.0343 1632 amsint - ok
20:13:43.0437 1632 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:13:43.0453 1632 Apple Mobile Device - ok
20:13:43.0468 1632 AppMgmt - ok
20:13:43.0500 1632 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:13:43.0687 1632 Arp1394 - ok
20:13:43.0703 1632 asc - ok
20:13:43.0718 1632 asc3350p - ok
20:13:43.0734 1632 asc3550 - ok
20:13:43.0875 1632 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:13:43.0890 1632 aspnet_state - ok
20:13:43.0937 1632 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
20:13:43.0953 1632 aswFsBlk - ok
20:13:43.0968 1632 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
20:13:44.0000 1632 aswMon2 - ok
20:13:44.0046 1632 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
20:13:44.0062 1632 AswRdr - ok
20:13:44.0125 1632 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
20:13:44.0171 1632 aswSnx - ok
20:13:44.0203 1632 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
20:13:44.0234 1632 aswSP - ok
20:13:44.0281 1632 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
20:13:44.0296 1632 aswTdi - ok
20:13:44.0312 1632 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:13:44.0500 1632 AsyncMac - ok
20:13:44.0515 1632 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:13:44.0718 1632 atapi - ok
20:13:44.0734 1632 Atdisk - ok
20:13:44.0796 1632 [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
20:13:44.0859 1632 Ati HotKey Poller - ok
20:13:44.0921 1632 [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:13:44.0984 1632 ati2mtag - ok
20:13:45.0031 1632 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:13:45.0203 1632 Atmarpc - ok
20:13:45.0250 1632 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:13:45.0468 1632 AudioSrv - ok
20:13:45.0500 1632 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:13:45.0703 1632 audstub - ok
20:13:45.0765 1632 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:13:45.0781 1632 avast! Antivirus - ok
20:13:45.0859 1632 [ 37F385A93C620CBE0F89C17E45F697A1 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
20:13:45.0953 1632 BCM43XX - ok
20:13:46.0000 1632 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:13:46.0203 1632 Beep - ok
20:13:46.0265 1632 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
20:13:46.0515 1632 BITS - ok
20:13:46.0578 1632 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:13:46.0609 1632 Bonjour Service - ok
20:13:46.0656 1632 [ 4BA311473E0D8557827E6F2FE33A8095 ] brfilt C:\WINDOWS\system32\Drivers\Brfilt.sys
20:13:46.0890 1632 brfilt - ok
20:13:46.0953 1632 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
20:13:46.0984 1632 Browser - ok
20:13:47.0000 1632 [ 8E06CD96E00472C03770A697D04031C0 ] BrSerWDM C:\WINDOWS\system32\Drivers\BrSerWdm.sys
20:13:47.0218 1632 BrSerWDM - ok
20:13:47.0312 1632 [ 37E2D0B12DDF536CD64AF6EB3B580EF8 ] BrUsbMdm C:\WINDOWS\system32\Drivers\BrUsbMdm.sys
20:13:47.0531 1632 BrUsbMdm - ok
20:13:47.0562 1632 [ 1C5F014048E5B2748C1A8AD297C50B6F ] BrUsbScn C:\WINDOWS\system32\Drivers\BrUsbScn.sys
20:13:47.0734 1632 BrUsbScn - ok
20:13:47.0781 1632 [ 23913C28AC89875BBFA03BCCDC3A41E5 ] CAMCAUD C:\WINDOWS\system32\drivers\camc6aud.sys
20:13:47.0828 1632 CAMCAUD - ok
20:13:47.0859 1632 [ E6EDB12A44DAFCEF05DBDDF3ED652388 ] CAMCHALA C:\WINDOWS\system32\drivers\camc6hal.sys
20:13:47.0921 1632 CAMCHALA - ok
20:13:47.0968 1632 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:13:48.0187 1632 cbidf2k - ok
20:13:48.0203 1632 cd20xrnt - ok
20:13:48.0234 1632 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:13:48.0406 1632 Cdaudio - ok
20:13:48.0453 1632 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:13:48.0671 1632 Cdfs - ok
20:13:48.0718 1632 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:13:48.0921 1632 Cdrom - ok
20:13:48.0937 1632 Changer - ok
20:13:48.0984 1632 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:13:49.0156 1632 CiSvc - ok
20:13:49.0187 1632 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:13:49.0375 1632 ClipSrv - ok
20:13:49.0437 1632 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:13:49.0453 1632 clr_optimization_v2.0.50727_32 - ok
20:13:49.0468 1632 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:13:49.0640 1632 CmBatt - ok
20:13:49.0656 1632 CmdIde - ok
20:13:49.0671 1632 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:13:49.0875 1632 Compbatt - ok
20:13:49.0890 1632 COMSysApp - ok
20:13:49.0921 1632 Cpqarray - ok
20:13:50.0015 1632 [ 75FA19142531CBF490770C2988A7DB64 ] cpuz134 C:\swsetup\PCWizard\pc-wizard_2010.1.961\pcwiz_x32.sys
20:13:50.0031 1632 cpuz134 - ok
20:13:50.0078 1632 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:13:50.0250 1632 CryptSvc - ok
20:13:50.0265 1632 dac2w2k - ok
20:13:50.0281 1632 dac960nt - ok
20:13:50.0328 1632 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:13:50.0359 1632 DcomLaunch - ok
20:13:50.0406 1632 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:13:50.0593 1632 Dhcp - ok
20:13:50.0640 1632 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:13:50.0859 1632 Disk - ok
20:13:50.0875 1632 dmadmin - ok
20:13:50.0906 1632 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:13:51.0140 1632 dmboot - ok
20:13:51.0171 1632 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:13:51.0390 1632 dmio - ok
20:13:51.0421 1632 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:13:51.0609 1632 dmload - ok
20:13:51.0640 1632 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:13:51.0828 1632 dmserver - ok
20:13:51.0875 1632 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:13:52.0062 1632 DMusic - ok
20:13:52.0125 1632 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:13:52.0156 1632 Dnscache - ok
20:13:52.0203 1632 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
20:13:52.0390 1632 Dot3svc - ok
20:13:52.0390 1632 dpti2o - ok
20:13:52.0421 1632 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:13:52.0625 1632 drmkaud - ok
20:13:52.0671 1632 [ 1FC1EED3EA0C3A0ECF8A95B97E1B4831 ] dvd43llh C:\WINDOWS\system32\DRIVERS\dvd43llh.sys
20:13:52.0687 1632 dvd43llh ( UnsignedFile.Multi.Generic ) - warning
20:13:52.0687 1632 dvd43llh - detected UnsignedFile.Multi.Generic (1)
20:13:52.0718 1632 [ 81B7808D3B5892388F33273119C2DC31 ] eabfiltr C:\WINDOWS\system32\drivers\EABFiltr.sys
20:13:52.0734 1632 eabfiltr - ok
20:13:52.0765 1632 [ 1BA14DA377B66278335D4B9E8824CD42 ] eabusb C:\WINDOWS\system32\drivers\eabusb.sys
20:13:52.0796 1632 eabusb - ok
20:13:52.0828 1632 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:13:53.0015 1632 EapHost - ok
20:13:53.0062 1632 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:13:53.0250 1632 ERSvc - ok
20:13:53.0281 1632 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
20:13:53.0328 1632 Eventlog - ok
20:13:53.0390 1632 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
20:13:53.0421 1632 EventSystem - ok
20:13:53.0468 1632 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:13:53.0703 1632 Fastfat - ok
20:13:53.0734 1632 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:13:53.0781 1632 FastUserSwitchingCompatibility - ok
20:13:53.0812 1632 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
20:13:53.0984 1632 Fdc - ok
20:13:54.0015 1632 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:13:54.0203 1632 Fips - ok
20:13:54.0265 1632 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
20:13:54.0453 1632 Flpydisk - ok
20:13:54.0500 1632 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:13:54.0687 1632 FltMgr - ok
20:13:54.0765 1632 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:13:54.0781 1632 FontCache3.0.0.0 - ok
20:13:54.0812 1632 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:13:55.0015 1632 Fs_Rec - ok
20:13:55.0031 1632 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:13:55.0250 1632 Ftdisk - ok
20:13:55.0296 1632 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:13:55.0296 1632 GEARAspiWDM - ok
20:13:55.0343 1632 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:13:55.0515 1632 Gpc - ok
20:13:55.0578 1632 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:13:55.0609 1632 gupdate - ok
20:13:55.0625 1632 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:13:55.0640 1632 gupdatem - ok
20:13:55.0734 1632 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:13:55.0921 1632 helpsvc - ok
20:13:55.0953 1632 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
20:13:56.0125 1632 HidServ - ok
20:13:56.0156 1632 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:13:56.0328 1632 hidusb - ok
20:13:56.0359 1632 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:13:56.0546 1632 hkmsvc - ok
20:13:56.0656 1632 [ C5F00D15AA15CB7F55A027FF75E44BB7 ] HP Port Resolver C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
20:13:56.0718 1632 HP Port Resolver - ok
20:13:56.0765 1632 [ C5A288E4CEEF5A26D105117BAA3763AB ] HP Status Server C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
20:13:56.0828 1632 HP Status Server - ok
20:13:56.0843 1632 hpn - ok
20:13:56.0921 1632 [ 61556FA814F907BCED618B64DA66212A ] hpqwmi C:\Program Files\HPQ\shared\hpqwmi.exe
20:13:56.0953 1632 hpqwmi ( UnsignedFile.Multi.Generic ) - warning
20:13:56.0953 1632 hpqwmi - detected UnsignedFile.Multi.Generic (1)
20:13:57.0000 1632 [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
20:13:57.0031 1632 HPZid412 - ok
20:13:57.0062 1632 [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
20:13:57.0093 1632 HPZipr12 - ok
20:13:57.0125 1632 [ 7AC43C38CA8FD7ED0B0A4466F753E06E ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
20:13:57.0171 1632 HPZius12 - ok
20:13:57.0218 1632 [ 13D4B70BF2F9BC550E9079DA864D3EC1 ] HSFHWATI C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
20:13:57.0281 1632 HSFHWATI - ok
20:13:57.0359 1632 [ DFA8F86C0DBCA7DB948043AA3BE6793B ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
20:13:57.0468 1632 HSF_DP - ok
20:13:57.0500 1632 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:13:57.0546 1632 HTTP - ok
20:13:57.0578 1632 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:13:57.0734 1632 HTTPFilter - ok
20:13:57.0750 1632 i2omgmt - ok
20:13:57.0765 1632 i2omp - ok
20:13:57.0812 1632 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:13:57.0984 1632 i8042prt - ok
20:13:58.0078 1632 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:13:58.0140 1632 idsvc - ok
20:13:58.0203 1632 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:13:58.0359 1632 Imapi - ok
20:13:58.0406 1632 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:13:58.0593 1632 ImapiService - ok
20:13:58.0609 1632 ini910u - ok
20:13:58.0625 1632 IntelIde - ok
20:13:58.0671 1632 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
20:13:58.0843 1632 Ip6Fw - ok
20:13:58.0875 1632 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:13:59.0015 1632 IpFilterDriver - ok
20:13:59.0046 1632 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:13:59.0203 1632 IpInIp - ok
20:13:59.0234 1632 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:13:59.0406 1632 IpNat - ok
20:13:59.0468 1632 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:13:59.0500 1632 iPod Service - ok
20:13:59.0546 1632 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:13:59.0765 1632 IPSec - ok
20:13:59.0812 1632 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:13:59.0875 1632 IRENUM - ok
20:13:59.0921 1632 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:14:00.0046 1632 isapnp - ok
20:14:00.0171 1632 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
20:14:00.0187 1632 JavaQuickStarterService - ok
20:14:00.0218 1632 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:14:00.0390 1632 Kbdclass - ok
20:14:00.0468 1632 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:14:00.0671 1632 kmixer - ok
20:14:00.0687 1632 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:14:00.0718 1632 KSecDD - ok
20:14:00.0765 1632 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:14:00.0796 1632 lanmanserver - ok
20:14:00.0843 1632 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:14:00.0875 1632 lanmanworkstation - ok
20:14:00.0875 1632 lbrtfdc - ok
20:14:00.0937 1632 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:14:01.0125 1632 LmHosts - ok
20:14:01.0125 1632 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
20:14:01.0187 1632 mdmxsdk - ok
20:14:01.0218 1632 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:14:01.0406 1632 Messenger - ok
20:14:01.0437 1632 [ A7DA20AB18A1BDAE28B0F349E57DA0D1 ] mf C:\WINDOWS\system32\DRIVERS\mf.sys
20:14:01.0625 1632 mf - ok
20:14:01.0687 1632 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:14:01.0843 1632 mnmdd - ok
20:14:01.0890 1632 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:14:02.0031 1632 mnmsrvc - ok
20:14:02.0078 1632 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:14:02.0250 1632 Modem - ok
20:14:02.0281 1632 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:14:02.0453 1632 Mouclass - ok
20:14:02.0484 1632 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:14:02.0656 1632 mouhid - ok
20:14:02.0687 1632 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:14:02.0875 1632 MountMgr - ok
20:14:02.0875 1632 mraid35x - ok
20:14:02.0890 1632 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:14:03.0062 1632 MRxDAV - ok
20:14:03.0109 1632 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:14:03.0140 1632 MRxSmb - ok
20:14:03.0187 1632 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:14:03.0328 1632 MSDTC - ok
20:14:03.0343 1632 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:14:03.0531 1632 Msfs - ok
20:14:03.0531 1632 MSIServer - ok
20:14:03.0562 1632 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:14:03.0703 1632 MSKSSRV - ok
20:14:03.0750 1632 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:14:03.0921 1632 MSPCLOCK - ok
20:14:03.0953 1632 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:14:04.0093 1632 MSPQM - ok
20:14:04.0125 1632 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:14:04.0281 1632 mssmbios - ok
20:14:04.0343 1632 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:14:04.0375 1632 Mup - ok
20:14:04.0421 1632 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
20:14:04.0625 1632 napagent - ok
20:14:04.0671 1632 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:14:04.0828 1632 NDIS - ok
20:14:04.0859 1632 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:14:04.0906 1632 NdisTapi - ok
20:14:04.0968 1632 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:14:05.0140 1632 Ndisuio - ok
20:14:05.0171 1632 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:14:05.0375 1632 NdisWan - ok
20:14:05.0421 1632 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:14:05.0437 1632 NDProxy - ok
20:14:05.0500 1632 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:14:05.0671 1632 NetBIOS - ok
20:14:05.0703 1632 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:14:05.0906 1632 NetBT - ok
20:14:05.0953 1632 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
20:14:06.0125 1632 NetDDE - ok
20:14:06.0140 1632 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:14:06.0343 1632 NetDDEdsdm - ok
20:14:06.0406 1632 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:14:06.0546 1632 Netlogon - ok
20:14:06.0593 1632 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
20:14:06.0812 1632 Netman - ok
20:14:06.0843 1632 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:14:06.0859 1632 NetTcpPortSharing - ok
20:14:06.0890 1632 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:14:07.0062 1632 NIC1394 - ok
20:14:07.0109 1632 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
20:14:07.0156 1632 Nla - ok
20:14:07.0203 1632 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:14:07.0375 1632 Npfs - ok
20:14:07.0421 1632 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:14:07.0593 1632 Ntfs - ok
20:14:07.0625 1632 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:14:07.0812 1632 NtLmSsp - ok
20:14:07.0859 1632 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:14:08.0078 1632 NtmsSvc - ok
20:14:08.0109 1632 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:14:08.0265 1632 Null - ok
20:14:08.0312 1632 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:14:08.0468 1632 NwlnkFlt - ok
20:14:08.0500 1632 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:14:08.0656 1632 NwlnkFwd - ok
20:14:08.0781 1632 [ 1A008CBB313F7A6644B883AE1829393B ] OAcat C:\Program Files\Online Armor\OAcat.exe
20:14:08.0812 1632 OAcat - ok
20:14:08.0843 1632 [ C0BA927C3A1A62F2BF664F242D91C082 ] OADevice C:\WINDOWS\system32\drivers\OADriver.sys
20:14:08.0875 1632 OADevice - ok
20:14:08.0921 1632 [ C968369E2BC5F6A8426C1E7D78E33F1B ] oahlpXX C:\WINDOWS\system32\drivers\oahlp32.sys
20:14:08.0937 1632 oahlpXX - ok
20:14:08.0953 1632 [ 04E7E92CD91E61E0CC1BDF849032AD81 ] OAmon C:\WINDOWS\system32\drivers\OAmon.sys
20:14:08.0968 1632 OAmon - ok
20:14:09.0000 1632 [ F3250D94BEE44A0D00939F10830B3563 ] OAnet C:\WINDOWS\system32\drivers\OAnet.sys
20:14:09.0015 1632 OAnet - ok
20:14:09.0031 1632 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:14:09.0218 1632 ohci1394 - ok
20:14:09.0296 1632 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:14:09.0312 1632 ose - ok
20:14:09.0375 1632 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
20:14:09.0593 1632 Parport - ok
20:14:09.0625 1632 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:14:09.0812 1632 PartMgr - ok
20:14:09.0859 1632 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:14:10.0062 1632 ParVdm - ok
20:14:10.0093 1632 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:14:10.0281 1632 PCI - ok
20:14:10.0296 1632 PCIDump - ok
20:14:10.0312 1632 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:14:10.0484 1632 PCIIde - ok
20:14:10.0500 1632 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:14:10.0718 1632 Pcmcia - ok
20:14:10.0765 1632 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
20:14:10.0796 1632 pcouffin ( UnsignedFile.Multi.Generic ) - warning
20:14:10.0796 1632 pcouffin - detected UnsignedFile.Multi.Generic (1)
20:14:10.0812 1632 PDCOMP - ok
20:14:10.0828 1632 PDFRAME - ok
20:14:10.0828 1632 PDRELI - ok
20:14:10.0843 1632 PDRFRAME - ok
20:14:10.0859 1632 perc2 - ok
20:14:10.0875 1632 perc2hib - ok
20:14:10.0921 1632 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
20:14:10.0953 1632 PlugPlay - ok
20:14:11.0000 1632 [ D31F88C5F19EEFA366A415D6BC5F2ABC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
20:14:11.0046 1632 Pml Driver HPZ12 - ok
20:14:11.0062 1632 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:14:11.0218 1632 PolicyAgent - ok
20:14:11.0250 1632 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:14:11.0421 1632 PptpMiniport - ok
20:14:11.0453 1632 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
20:14:11.0656 1632 Processor - ok
20:14:11.0671 1632 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:14:11.0828 1632 ProtectedStorage - ok
20:14:11.0875 1632 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:14:12.0078 1632 Ptilink - ok
20:14:12.0140 1632 [ 30CBAE0A34359F1CD19D1576245149ED ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:14:12.0156 1632 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
20:14:12.0156 1632 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
20:14:12.0171 1632 ql1080 - ok
20:14:12.0171 1632 Ql10wnt - ok
20:14:12.0187 1632 ql12160 - ok
20:14:12.0203 1632 ql1240 - ok
20:14:12.0218 1632 ql1280 - ok
20:14:12.0250 1632 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:14:12.0390 1632 RasAcd - ok
20:14:12.0437 1632 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:14:12.0656 1632 RasAuto - ok
20:14:12.0687 1632 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:14:12.0890 1632 Rasl2tp - ok
20:14:12.0968 1632 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:14:13.0187 1632 RasMan - ok
20:14:13.0187 1632 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:14:13.0375 1632 RasPppoe - ok
20:14:13.0406 1632 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:14:13.0609 1632 Raspti - ok
20:14:13.0656 1632 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:14:13.0859 1632 Rdbss - ok
20:14:13.0890 1632 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:14:14.0046 1632 RDPCDD - ok
20:14:14.0125 1632 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:14:14.0156 1632 RDPWD - ok
20:14:14.0187 1632 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:14:14.0562 1632 RDSessMgr - ok
20:14:14.0593 1632 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:14:14.0781 1632 redbook - ok
20:14:14.0828 1632 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:14:15.0000 1632 RemoteAccess - ok
20:14:15.0046 1632 [ 4F4A4C09CC5BE58A76CAC1C337E004E6 ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
20:14:15.0078 1632 RimUsb - ok
20:14:15.0125 1632 [ 3A5633AD615E2B15291BD0B1B97CCD8A ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
20:14:15.0171 1632 RimVSerPort - ok
20:14:15.0203 1632 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
20:14:15.0390 1632 ROOTMODEM - ok
20:14:15.0468 1632 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
20:14:15.0734 1632 RpcLocator - ok
20:14:15.0828 1632 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:14:15.0859 1632 RpcSs - ok
20:14:15.0890 1632 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:14:16.0078 1632 RSVP - ok
20:14:16.0125 1632 [ 3529828EC571FB2F64F6B142F9109993 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:14:16.0187 1632 RTL8023xp - ok
20:14:16.0234 1632 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:14:16.0437 1632 rtl8139 - ok
20:14:16.0468 1632 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
20:14:16.0640 1632 SamSs - ok
20:14:16.0703 1632 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:14:16.0921 1632 SCardSvr - ok
20:14:16.0984 1632 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:14:17.0203 1632 Schedule - ok
20:14:17.0250 1632 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:14:17.0421 1632 sdbus - ok
20:14:17.0468 1632 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:14:17.0546 1632 Secdrv - ok
20:14:17.0562 1632 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:14:17.0734 1632 seclogon - ok
20:14:17.0750 1632 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
20:14:17.0968 1632 SENS - ok
20:14:18.0015 1632 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
20:14:18.0203 1632 Serial - ok
20:14:18.0250 1632 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:14:18.0390 1632 Sfloppy - ok
20:14:18.0453 1632 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:14:18.0656 1632 SharedAccess - ok
20:14:18.0687 1632 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:14:18.0703 1632 ShellHWDetection - ok
20:14:18.0718 1632 Simbad - ok
20:14:18.0781 1632 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:14:18.0796 1632 SkypeUpdate - ok
20:14:18.0859 1632 [ 5052DBAFC8F4E4507E6AD0D467DD3529 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
20:14:18.0890 1632 snapman ( UnsignedFile.Multi.Generic ) - warning
20:14:18.0890 1632 snapman - detected UnsignedFile.Multi.Generic (1)
20:14:18.0906 1632 Sparrow - ok
20:14:18.0953 1632 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:14:19.0109 1632 splitter - ok
20:14:19.0156 1632 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:14:19.0187 1632 Spooler - ok
20:14:19.0218 1632 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:14:19.0312 1632 sr - ok
20:14:19.0359 1632 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
20:14:19.0437 1632 srservice - ok
20:14:19.0500 1632 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:14:19.0546 1632 Srv - ok
20:14:19.0593 1632 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:14:19.0687 1632 SSDPSRV - ok
20:14:19.0734 1632 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:14:19.0953 1632 stisvc - ok
20:14:20.0156 1632 [ A54B4FBC24C4EDE34BEB5F8D8974752A ] SvcOnlineArmor C:\Program Files\Online Armor\oasrv.exe
20:14:20.0390 1632 SvcOnlineArmor - ok
20:14:20.0437 1632 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:14:20.0625 1632 swenum - ok
20:14:20.0656 1632 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:14:20.0859 1632 swmidi - ok
20:14:20.0875 1632 SwPrv - ok
20:14:20.0906 1632 symc810 - ok
20:14:20.0921 1632 symc8xx - ok
20:14:20.0937 1632 sym_hi - ok
20:14:20.0953 1632 sym_u3 - ok
20:14:21.0015 1632 [ 0F332C0BA9B968EBC8CBB906416F8597 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:14:21.0046 1632 SynTP - ok
20:14:21.0078 1632 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:14:21.0218 1632 sysaudio - ok
20:14:21.0281 1632 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:14:21.0453 1632 SysmonLog - ok
20:14:21.0515 1632 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:14:21.0718 1632 TapiSrv - ok
20:14:21.0781 1632 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:14:21.0828 1632 Tcpip - ok
20:14:21.0875 1632 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:14:22.0031 1632 TDPIPE - ok
20:14:22.0093 1632 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:14:22.0265 1632 TDTCP - ok
20:14:22.0312 1632 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:14:22.0468 1632 TermDD - ok
20:14:22.0515 1632 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
20:14:22.0734 1632 TermService - ok
20:14:22.0765 1632 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
20:14:22.0796 1632 Themes - ok
20:14:22.0843 1632 [ E4C85C291DDB3DC5E4A2F227CA465BA6 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
20:14:22.0890 1632 tifm21 - ok
20:14:22.0921 1632 [ B84B82C0CBEB1B0D7EB7A946BADE5830 ] tifsfilter C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
20:14:22.0921 1632 tifsfilter ( UnsignedFile.Multi.Generic ) - warning
20:14:22.0921 1632 tifsfilter - detected UnsignedFile.Multi.Generic (1)
20:14:22.0968 1632 [ 74711884439BDF9CCF446C79CB05FAC0 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
20:14:23.0015 1632 timounter ( UnsignedFile.Multi.Generic ) - warning
20:14:23.0015 1632 timounter - detected UnsignedFile.Multi.Generic (1)
20:14:23.0031 1632 TosIde - ok
20:14:23.0078 1632 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:14:23.0234 1632 TrkWks - ok
20:14:23.0250 1632 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:14:23.0453 1632 Udfs - ok
20:14:23.0453 1632 ultra - ok
20:14:23.0515 1632 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:14:23.0734 1632 Update - ok
20:14:23.0781 1632 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:14:23.0859 1632 upnphost - ok
20:14:23.0890 1632 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
20:14:24.0046 1632 UPS - ok
20:14:24.0093 1632 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:14:24.0265 1632 usbaudio - ok
20:14:24.0296 1632 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:14:24.0453 1632 usbccgp - ok
20:14:24.0468 1632 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:14:24.0640 1632 usbehci - ok
20:14:24.0687 1632 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:14:24.0875 1632 usbhub - ok
20:14:24.0921 1632 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:14:25.0078 1632 usbohci - ok
20:14:25.0109 1632 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:14:25.0265 1632 usbprint - ok
20:14:25.0312 1632 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:14:25.0484 1632 usbscan - ok
20:14:25.0515 1632 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:14:25.0703 1632 USBSTOR - ok
20:14:25.0734 1632 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:14:25.0875 1632 VgaSave - ok
20:14:25.0890 1632 ViaIde - ok
20:14:25.0953 1632 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:14:26.0125 1632 VolSnap - ok
20:14:26.0187 1632 [ F7035815C23DF5DAD8A686C1CDA20F3E ] vsc32 C:\WINDOWS\system32\DRIVERS\vsc.sys
20:14:26.0234 1632 vsc32 ( UnsignedFile.Multi.Generic ) - warning
20:14:26.0234 1632 vsc32 - detected UnsignedFile.Multi.Generic (1)
20:14:26.0296 1632 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
20:14:26.0375 1632 VSS - ok
20:14:26.0390 1632 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
20:14:26.0562 1632 W32Time - ok
20:14:26.0593 1632 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:14:26.0781 1632 Wanarp - ok
20:14:26.0828 1632 [ 56242D5BE3BFC8F2A212E6D1F9A16697 ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
20:14:26.0875 1632 wceusbsh - ok
20:14:26.0953 1632 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
20:14:26.0984 1632 Wdf01000 - ok
20:14:27.0000 1632 WDICA - ok
20:14:27.0046 1632 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:14:27.0234 1632 wdmaud - ok
20:14:27.0250 1632 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:14:27.0453 1632 WebClient - ok
20:14:27.0531 1632 [ 473EE64C368CE2EED110376C11960259 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
20:14:27.0625 1632 winachsf - ok
20:14:27.0718 1632 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:14:27.0937 1632 winmgmt - ok
20:14:28.0046 1632 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:14:28.0140 1632 wlidsvc - ok
20:14:28.0156 1632 wltrysvc - ok
20:14:28.0218 1632 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:14:28.0234 1632 WmdmPmSN - ok
20:14:28.0296 1632 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:14:28.0468 1632 WmiAcpi - ok
20:14:28.0515 1632 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:14:28.0734 1632 WmiApSrv - ok
20:14:28.0859 1632 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:14:28.0921 1632 WMPNetworkSvc - ok
20:14:29.0000 1632 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:14:29.0187 1632 wscsvc - ok
20:14:29.0234 1632 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:14:29.0421 1632 wuauserv - ok
20:14:29.0468 1632 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:14:29.0484 1632 WudfPf - ok
20:14:29.0515 1632 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:14:29.0546 1632 WudfRd - ok
20:14:29.0625 1632 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:14:29.0656 1632 WudfSvc - ok
20:14:29.0718 1632 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:14:29.0984 1632 WZCSVC - ok
20:14:30.0031 1632 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:14:30.0234 1632 xmlprov - ok
20:14:30.0265 1632 ================ Scan global ===============================
20:14:30.0296 1632 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:14:30.0359 1632 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:14:30.0390 1632 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:14:30.0406 1632 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:14:30.0421 1632 [Global] - ok
20:14:30.0421 1632 ================ Scan MBR ==================================
20:14:30.0453 1632 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:14:30.0750 1632 \Device\Harddisk0\DR0 - ok
20:14:30.0750 1632 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
20:14:31.0265 1632 \Device\Harddisk1\DR2 - ok
20:14:31.0281 1632 ================ Scan VBR ==================================
20:14:31.0281 1632 [ A28339583333C22573F5164FDDB3CC2B ] \Device\Harddisk0\DR0\Partition1
20:14:31.0296 1632 \Device\Harddisk0\DR0\Partition1 - ok
20:14:31.0312 1632 [ 3F2488EA63247D81C3AC1191208176F8 ] \Device\Harddisk1\DR2\Partition1
20:14:31.0312 1632 \Device\Harddisk1\DR2\Partition1 - ok
20:14:31.0328 1632 ============================================================
20:14:31.0328 1632 Scan finished
20:14:31.0328 1632 ============================================================
20:14:31.0453 2556 Detected object count: 10
20:14:31.0453 2556 Actual detected object count: 10
20:15:39.0515 2556 AcrSch2Svc ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0515 2556 AcrSch2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:39.0515 2556 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0515 2556 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:39.0515 2556 dvd43llh ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0515 2556 dvd43llh ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:39.0515 2556 hpqwmi ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0515 2556 hpqwmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:39.0531 2556 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0531 2556 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:39.0531 2556 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0531 2556 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:39.0531 2556 snapman ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0531 2556 snapman ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:39.0531 2556 tifsfilter ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0531 2556 tifsfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:39.0531 2556 timounter ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0546 2556 timounter ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:39.0546 2556 vsc32 ( UnsignedFile.Multi.Generic ) - skipped by user
20:15:39.0546 2556 vsc32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:50.0796 2508 Deinitialize success
Replaced MalwareBytes with the newest version. Log:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Database version: v2012.10.11.15
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Carl :: HOME-135978DFB9 [administrator]
10/11/2012 8:33:20 PM
mbam-log-2012-10-11 (20-33-20).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214293
Time elapsed: 30 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Used the Event Viewer to clear the System and Application logs. Rebooted.
Ran the Event Viewer Tool and got the two logs:
Vino's Event Viewer v01c run on Windows XP in English
Report run at 11/10/2012 9:23:16 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vino's Event Viewer v01c run on Windows XP in English
Report run at 11/10/2012 9:24:29 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ran OTL as instructed and got two logs:
OTL logfile created on: 10/11/2012 9:34:27 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Carl\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.48 Mb Total Physical Memory | 395.16 Mb Available Physical Memory | 38.65% Memory free
2.40 Gb Paging File | 1.90 Gb Available in Paging File | 78.91% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 16.63 Gb Free Space | 22.32% Space Free | Partition Type: NTFS
Drive F: | 55.89 Gb Total Space | 3.14 Gb Free Space | 5.61% Space Free | Partition Type: NTFS
Computer Name: HOME-135978DFB9 | User Name: Carl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/10/11 21:32:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Carl\Desktop\OTL.exe
PRC - [2012/10/11 10:34:31 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/10/02 15:02:10 | 004,463,864 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Online Armor\oasrv.exe
PRC - [2012/10/02 15:02:10 | 002,415,104 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Online Armor\oaui.exe
PRC - [2012/10/02 15:02:06 | 001,248,144 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Online Armor\oahlp.exe
PRC - [2012/10/02 15:02:04 | 000,216,072 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Online Armor\oacat.exe
PRC - [2012/08/21 05:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 05:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/05/24 14:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Carl\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/09/01 18:47:26 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/06 20:40:54 | 000,815,104 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2006/12/01 10:43:42 | 001,852,329 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2006/11/30 18:49:10 | 000,135,168 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2006/11/30 18:49:06 | 000,397,312 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2006/11/30 18:48:08 | 001,115,317 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2005/05/11 18:48:22 | 001,044,480 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\bcmntray.EXE
PRC - [2004/12/03 13:24:20 | 000,290,816 | ---- | M] (Hewlett-Packard ) -- C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
PRC - [2002/08/12 10:00:40 | 001,568,768 | ---- | M] (Scansoft, Inc.) -- C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
PRC - [2000/02/08 23:19:48 | 000,036,864 | ---- | M] (Roland) -- C:\Program Files\Roland\VSC32\vscvol.exe
PRC - [2000/02/07 03:02:44 | 000,036,864 | ---- | M] (Roland) -- C:\Program Files\Roland\VSC32\Vsc32Cnf.exe
PRC - [1998/08/24 21:18:12 | 000,027,136 | ---- | M] (Intuit) -- C:\QUICKENW\QWDLLS.EXE
========== Modules (No Company Name) ========== MOD - [2012/10/11 17:13:12 | 001,816,576 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12101101\algo.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2006/11/30 18:47:56 | 000,045,056 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Common\rpc_client.dll
MOD - [2005/05/07 14:14:56 | 000,090,112 | ---- | M] () -- C:\WINDOWS\system32\custmon2k.dll
MOD - [2002/08/12 09:21:28 | 000,006,144 | ---- | M] () -- C:\Program Files\Scansoft\PaperPort\BliceCtr.dll
========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/11 10:34:31 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/10/02 15:02:10 | 004,463,864 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2012/10/02 15:02:04 | 000,216,072 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oacat.exe -- (OAcat)
SRV - [2012/08/21 05:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2006/11/30 18:49:06 | 000,397,312 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/02 15:03:04 | 000,044,992 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oahlp32.sys -- (oahlpXX)
DRV - [2012/10/02 15:02:34 | 000,031,920 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2012/10/02 15:02:34 | 000,027,648 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2012/10/02 15:02:32 | 000,208,320 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2012/08/21 05:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 05:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 05:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 05:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/08/21 05:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/08/21 05:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/08/21 05:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/02/10 17:45:00 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\swsetup\PCWizard\pc-wizard_2010.1.961\pcwiz_x32.sys -- (cpuz134)
DRV - [2010/05/10 20:24:07 | 000,392,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2010/05/10 20:24:07 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/05/10 20:24:02 | 000,099,776 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2008/10/23 01:58:36 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/04/14 00:06:42 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2008/02/25 12:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/01/24 14:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/08/03 20:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/01/12 00:13:00 | 000,346,496 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005/01/12 00:12:12 | 000,037,760 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2004/12/15 15:18:30 | 000,200,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2004/12/15 15:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/15 15:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/08/11 16:30:00 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/04/14 07:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2003/06/06 11:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2001/08/17 13:12:22 | 000,010,368 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbScn.sys -- (BrUsbScn)
DRV - [2001/08/17 13:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt)
DRV - [2001/04/16 09:16:58 | 000,951,284 | ---- | M] (Roland) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vsc.sys -- (vsc32)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.h...sario&pf=laptopIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://barrie.fusionmls.com/IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{7D19B6E2-D977-4AA4-8823-A89D37FFE5F3}: "URL" =
http://websearch.ask...0D-BB4C6DEEA136IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..extensions.enabledAddons: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:1.03
FF - prefs.js..extensions.enabledAddons:
[email protected]:7.0.1466
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/10/11 13:36:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/24 20:36:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/01/24 20:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carl\Application Data\Mozilla\Extensions
[2012/01/24 20:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carl\Application Data\Mozilla\Firefox\Profiles\12cgt0l3.default\extensions
[2012/01/24 20:46:35 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\Carl\Application Data\Mozilla\Firefox\Profiles\12cgt0l3.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012/01/24 20:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2011/12/21 03:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/21 00:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/21 00:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== CHR - homepage:
http://www.google.comCHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
http://www.google.comCHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java Platform SE 7 U7 (Disabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Disabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: avast! WebRep = C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\OAui.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\bcmntray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [vsc32cnf.exe] C:\Program Files\Roland\VSC32\Vsc32Cnf.exe (Roland)
O4 - HKLM..\Run: [vscvol.exe] C:\Program Files\Roland\VSC32\vscvol.exe (Roland)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Billminder.lnk = C:\QUICKENW\BILLMIND.EXE (Intuit)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE (Intuit)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SmartUI.lnk = C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe (Scansoft, Inc.)
O4 - Startup: C:\Documents and Settings\Carl\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Carl\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\\DownloadPDF.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: mlxchange.com ([barrie] http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A}
https://h50203.www5....DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71}
http://download.micr...01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.mi...b?1272674739890 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC}
https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E}
http://barrie.mlxcha...ol/IRCSharc.cab (GeacRevw Control)
O16 - DPF: {B198A72B-B4C3-42B5-B8DA-B364E76429AA}
http://barrie.mlxcha...trol/WebDog.cab (Cerebus Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
https://akamaicdn.we...ent/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9}
https://secure.logme...trl.cab?lmi=724 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38282288-114D-4897-ABDC-178A55AE9C9B}: DhcpNameServer = 64.71.255.198
O18 - Protocol\Handler\intu-qt2009 {03947252-2355-4e9b-B446-8CCC75C43370} - C:\Program Files\QuickTax 2009\ic2009pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\intu-tt2010 {97A0575E-2309-4e75-8509-B1F9390C4DE7} - C:\Program Files\TurboTax 2010\ic2010pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\intu-tt2011 {B3B5DAD9-E96D-45b4-B636-B6CF2F773DE1} - C:\Program Files\TurboTax 2011\ic2011pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Amber Migration.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Amber Migration.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsisoft GmbH)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/30 14:36:48 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: MIDI1 - C:\WINDOWS\System32\vscapi.dll (Roland)
Drivers32: MSACM.CEGSM - C:\WINDOWS\System32\mobileV.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: WAVE1 - C:\WINDOWS\System32\vscapi.dll (Roland)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/10/11 21:32:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Carl\Desktop\OTL.exe
[2012/10/11 20:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/11 20:28:08 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/10/11 20:28:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/10/11 19:49:47 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Carl\Desktop\aswMBR.exe
[2012/10/11 19:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carl\Application Data\OnlineArmor
[2012/10/11 19:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2012/10/11 19:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Online Armor
[2012/10/11 19:25:17 | 000,031,920 | ---- | C] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2012/10/11 19:25:17 | 000,027,648 | ---- | C] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2012/10/11 19:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\Online Armor
[2012/10/11 13:36:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/10/11 13:36:53 | 000,355,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/10/11 13:36:53 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/10/11 13:36:50 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/10/11 13:36:49 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/10/11 13:36:48 | 000,729,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/10/11 13:36:47 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/10/11 13:36:47 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/10/11 13:36:46 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/10/11 13:35:52 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/10/11 13:35:51 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/10/11 13:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/10/11 13:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/10/11 11:05:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carl\Local Settings\Application Data\Sun
[2012/10/11 10:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/10/11 10:34:54 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/10/11 10:34:54 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/10/11 10:34:54 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/10/11 10:34:46 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/10/11 10:34:46 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/10/11 10:34:46 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/10/06 09:52:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carl\My Documents\My Kindle Content
[2012/10/06 09:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carl\Start Menu\Programs\Amazon
[2012/10/06 09:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carl\Local Settings\Application Data\Amazon
[2012/10/06 09:51:47 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2012/09/30 22:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 7
[2012/09/13 21:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/13 21:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/01/10 15:22:40 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Carl\Application Data\pcouffin.sys
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[12 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Documents and Settings\Carl\My Documents\*.tmp files -> C:\Documents and Settings\Carl\My Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/10/11 21:32:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Carl\Desktop\OTL.exe
[2012/10/11 21:21:09 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Carl\Desktop\VEW.exe
[2012/10/11 21:12:02 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/10/11 21:09:53 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/11 21:09:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/11 21:09:28 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/11 20:57:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/11 20:52:09 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1177238915-839522115-1004UA.job
[2012/10/11 20:28:10 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/11 19:49:49 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Carl\Desktop\aswMBR.exe
[2012/10/11 19:25:32 | 000,443,506 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/11 19:25:32 | 000,072,494 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/11 16:21:04 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D73A6A9A-E6EE-46BC-9EF9-0D1CECE340A1}.job
[2012/10/11 15:53:27 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\Carl\Desktop\Google Chrome.lnk
[2012/10/11 15:53:27 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\Carl\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/11 13:46:15 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/10/11 13:36:55 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/10/11 11:21:39 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/10/11 10:34:34 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/10/11 10:34:28 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/10/11 10:34:28 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/10/11 10:34:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/10/11 10:34:27 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/10/11 10:34:26 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/10/11 10:34:26 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/10/09 23:47:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/10/09 10:19:50 | 000,649,864 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Carl\Desktop\autoruns.exe
[2012/10/09 10:19:50 | 000,567,944 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Carl\Desktop\autorunsc.exe
[2012/10/09 10:19:50 | 000,049,648 | ---- | M] () -- C:\Documents and Settings\Carl\Desktop\autoruns.chm
[2012/10/06 09:52:14 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\Carl\Desktop\Kindle.lnk
[2012/10/04 18:01:20 | 000,002,652 | ---- | M] () -- C:\WINDOWS\BRMFBIDI.INI
[2012/10/04 10:14:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/02 21:52:01 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1177238915-839522115-1004Core.job
[2012/10/02 15:03:04 | 000,044,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2012/10/02 15:02:34 | 000,031,920 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2012/10/02 15:02:34 | 000,027,648 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2012/10/02 15:02:32 | 000,208,320 | ---- | M] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2012/09/30 22:11:41 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/09/26 14:08:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/09/13 21:59:13 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[12 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Documents and Settings\Carl\My Documents\*.tmp files -> C:\Documents and Settings\Carl\My Documents\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/10/11 21:21:09 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Carl\Desktop\VEW.exe
[2012/10/11 20:28:10 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/11 19:25:17 | 000,044,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2012/10/11 19:25:16 | 000,208,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2012/10/11 13:36:55 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/10/11 13:36:48 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/10/11 11:21:39 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/10/11 11:21:39 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/10/06 09:52:14 | 000,001,635 | ---- | C] () -- C:\Documents and Settings\Carl\Desktop\Kindle.lnk
[2012/09/30 22:11:41 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/05/30 12:59:26 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
[2012/05/30 12:59:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2012/05/30 12:59:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2012/05/22 14:28:47 | 000,194,104 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/04/04 13:59:10 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Carl\g2mdlhlpx.exe
[2012/02/15 11:15:51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/07 22:44:10 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/12/07 22:44:10 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/08/16 14:14:25 | 000,076,664 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/04/24 17:41:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2011/04/24 17:41:51 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2011/04/24 17:41:49 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2011/04/24 17:41:48 | 001,212,416 | ---- | C] () -- C:\WINDOWS\System32\bcmwcfg.dll
[2011/04/24 17:41:48 | 000,950,272 | ---- | C] () -- C:\WINDOWS\System32\bcmacfg.dll
[2011/04/24 17:41:48 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\bcmctrls.dll
[2011/03/04 18:06:24 | 000,038,486 | ---- | C] () -- C:\Documents and Settings\Carl\Application Data\Comma Separated Values (DOS).ADR
[2011/01/11 18:05:18 | 000,008,592 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2011/01/10 15:35:07 | 000,611,840 | ---- | C] () -- C:\WINDOWS\System32\DVD43.dll
[2011/01/10 15:22:40 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Carl\Application Data\inst.exe
[2011/01/10 15:22:40 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Carl\Application Data\pcouffin.cat
[2011/01/10 15:22:40 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Carl\Application Data\pcouffin.inf
[2010/12/19 16:30:40 | 000,000,155 | ---- | C] () -- C:\WINDOWS\INTUIT.INI
[2010/05/17 10:53:53 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Carl\Local Settings\Application Data\fusioncache.dat
[2010/05/09 12:40:59 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Carl\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ========== [2010/04/30 14:31:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ========== ========== Drive Information ========== Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: WDC WD800BEVE-00A0HT0
Partitions: 1
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 - Fixed\thard disk media
Interface type: USB
Media Type: Fixed\thard disk media
Model: HTS54106 0G9AT00 USB Device
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 75.00GB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 56.00GB
Starting Offset: 32256
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[12 C:\*.tmp files -> C:\*.tmp -> ]
< %systemroot%\assembly\GAC_32\*.ini > < %systemroot%\assembly\GAC_64\*.ini > < %SYSTEMDRIVE%\*.exe >[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[12 C:\*.tmp files -> C:\*.tmp -> ]
< %ALLUSERSPROFILE%\Application Data\*.exe > < %APPDATA%\*. >[2012/10/11 11:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Adobe
[2010/05/10 19:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\AdobeUM
[2012/01/07 14:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Apple Computer
[2011/03/08 20:45:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\AVS4YOU
[2012/10/06 14:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Canon
[2012/10/11 21:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Dropbox
[2011/01/10 15:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\dvdcss
[2011/08/01 22:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\ElevatedDiagnostics
[2012/08/16 14:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\foobar2000
[2011/01/10 15:22:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\GetRightToGo
[2011/08/24 16:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Google
[2010/05/17 10:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Help
[2010/08/05 09:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\HP
[2010/04/30 14:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Identities
[2010/06/04 20:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\InterVideo
[2012/06/27 21:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Intuit Canada
[2011/01/04 15:51:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Leadertech
[2010/04/30 16:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Macromedia
[2010/04/30 16:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Malwarebytes
[2012/10/11 11:49:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Carl\Application Data\Microsoft
[2010/05/10 20:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Microsoft Corporation
[2012/01/24 20:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Mozilla
[2012/10/11 19:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\OnlineArmor
[2012/08/06 21:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\PDFill
[2010/05/03 17:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\PPIMAGES
[2011/12/19 10:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Research In Motion
[2012/09/30 23:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Skype
[2012/07/26 09:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\skypePM
[2011/01/04 15:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Sonic
[2010/04/30 16:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Sun
[2012/09/30 22:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\TeamViewer
[2012/05/25 16:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\U3
[2012/06/03 12:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\uTorrent
[2011/01/10 15:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\Vso
[2011/06/09 14:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carl\Application Data\webex
< MD5 for: ATAPI.SYS >[2004/08/04 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 08:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: CSRSS.EXE >[2008/04/14 05:42:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008/04/14 05:42:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
[2004/08/04 08:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
< MD5 for: EXPLORER.EXE >[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 08:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: MSWSOCK.DLL >[2004/08/04 08:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 13:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/06/20 12:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 12:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/14 05:42:02 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2008/04/14 05:42:02 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 13:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 13:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
< MD5 for: NWPROVAU.DLL >[2008/04/14 05:42:04 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll
[2008/04/14 05:42:04 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\system32\nwprovau.dll
[2004/08/04 08:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=F01D97A8E0380BA52F58249A7B3BD7F1 -- C:\WINDOWS\$NtServicePackUninstall$\nwprovau.dll
< MD5 for: PNRPNSP.DLL >[2004/08/04 08:00:00 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=74D3620D2E63489975E3956A40DDD35F -- C:\WINDOWS\$NtServicePackUninstall$\pnrpnsp.dll
[2008/04/14 05:42:04 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll
[2008/04/14 05:42:04 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\pnrpnsp.dll
< MD5 for: SERVICES.EXE >[2009/02/06 07:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 05:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/14 05:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 08:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
< MD5 for: SVCHOST.EXE >[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004/08/04 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >[2004/08/04 08:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >[2004/08/04 08:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WINRNR.DLL >[2004/08/04 08:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\WINDOWS\$NtServicePackUninstall$\winrnr.dll
[2008/04/14 05:42:10 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
[2008/04/14 05:42:10 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\system32\winrnr.dll
< %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 03:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 03:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 03:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 03:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 03:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 03:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/10/10 06:06:17 | 001,239,064 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/10/10 06:06:17 | 001,239,064 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/10/10 06:06:17 | 001,239,064 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/10/10 06:06:17 | 001,239,064 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/08/28 08:07:34 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/08/28 08:07:34 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/08/28 08:07:34 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 03:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 03:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 03:24:52 | 000,715,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 03:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 03:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 03:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/10/10 06:06:17 | 001,239,064 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/10/10 06:06:17 | 001,239,064 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/10/10 06:06:17 | 001,239,064 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/10/10 06:06:17 | 001,239,064 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/08/28 08:07:34 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/08/28 08:07:34 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/08/28 08:07:34 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > < %systemdrive%\$Recycle.Bin|@;true;true;true /fp > < %systemroot%\system32\drivers\*.sys /lockedfiles >< End of report >
OTL Extras logfile created on: 10/11/2012 9:34:27 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Carl\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.48 Mb Total Physical Memory | 395.16 Mb Available Physical Memory | 38.65% Memory free
2.40 Gb Paging File | 1.90 Gb Available in Paging File | 78.91% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 16.63 Gb Free Space | 22.32% Space Free | Partition Type: NTFS
Drive F: | 55.89 Gb Total Space | 3.14 Gb Free Space | 5.61% Space Free | Partition Type: NTFS
Computer Name: HOME-135978DFB9 | User Name: Carl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
"4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:Connection Manager
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"C:\Documents and Settings\Carl\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Carl\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01B93B3A-283F-411B-A648-69CABCACC986}" = Canon MF Drivers
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C3FCE48-6984-11D5-90F8-00E029591716}" = Brother MFL Pro Suite
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
"{12CAA28E-56CA-4C3D-B3F2-7311540DD410}" = TurboTax 2011
"{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}" = Canon MF Toolbox 4.7.0.0.mf04
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24AE6B5B-3D5A-488C-9224-1BEE11F75DD9}" = TurboTax 2010
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37E31FCE-A048-4D8C-B167-31891BCF6585}" = muvee autoProducer 3.5 - SE
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{59D1195A-7E64-4120-BB37-F053D9FD45FB}" = ODF Add-in for Microsoft Office
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{69B02159-7622-4DBB-B9EE-F933039830AD}" = QuickBooks Pro 2006
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72A28FB5-718C-41EC-8956-7A4FEB850A73}" = Top Producer Outlook Connector 2.0
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9242140C-E909-45B4-8315-2A3CC0786FB0}" = PDFill PDF Editor 4.1 with Writer and Tools (Unicode)
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{97355297-21C8-40CD-96D3-48E58037A9B8}" = TI1620/1520
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AEF2D1F3-0696-11D5-8E6A-00C04F7FA234}" = PaperPort 8.0 SE
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B1914265-0D07-48E0-A937-F20A76D0032D}" = Acronis True Image Home
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 A2
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECB9C58E-C565-4683-9599-B72290BD3B25}" = QuickTax 2009
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}" = BlackBerry Desktop Software 6.1
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1Click DVD Copy 5_is1" = 1Click DVD Copy 5.9.1.0
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AFPL Ghostscript 8.53" = AFPL Ghostscript 8.53
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"All ATI Software" = ATI - Software Uninstall Utility
"Amazon Kindle" = Amazon Kindle
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"BB_is1" = Band-in-a-Box Font Update
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1
"Broadcom 802.11 Application" = Broadcom Wireless Utility
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3085103C" = Data Fax SoftModem with SmartCP
"Conexant PCI Audio" = Conexant AC-Link Audio
"DesignerTool" = DesignerTool
"DVD43 Plug-in_is1" = DVD43 Plug-in v1.0.0.5
"DVD43_is1" = DVD43 v4.6.0
"DVDSmith Movie Backup_is1" = DVDSmith Movie Backup 1.0.5
"FinePrint" = FinePrint
"foobar2000" = foobar2000 v1.1.13
"ie8" = Windows Internet Explorer 8
"InstallShield_{97355297-21C8-40CD-96D3-48E58037A9B8}" = PCI 1620 Cardbus Controller and Software
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSPUB4" = Microsoft Publisher 97
"OnlineArmor_is1" = Online Armor 6.0
"PDFill PDF Writer" = PDFill PDF Writer
"Quicken Deluxe 99" = Quicken Deluxe 99
"Security Task Manager" = Security Task Manager 1.8d
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 7" = TeamViewer 7
"Top Producer Editor_is1" = Top Producer Editor
"uTorrent" = µTorrent
"VSC32" = Virtual Sound Canvas 3.2
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 5.1.0.880
< End of report >
Ran Farbar Service Scanner. Log:
Farbar Service Scanner Version: 07-10-2012
Ran by Carl (administrator) on 11-10-2012 at 22:10:43
Running from "C:\Documents and Settings\Carl\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled. The default start type is Auto.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
AegisP(10) aswTdi(8) Gpc(3) IPSec(5) NetBT(6) OAmon(11) Tcpip(4)
0x080000000500000003000000040000000B0000000800000006000000070000000A000000
IpSec Tag value is correct.
**** End of log ****
Ran ESETScan and got two logs, as instructed. First log:
C:\swsetup\Unlocker\unlocker1.9.0.exe Win32/Adware.ADON application
Second log:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a56d344fc293f84988087db1bb2efaad
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-12 04:05:29
# local_time=2012-10-12 12:05:29 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777215 100 0 76402198 76402198 0 0
# compatibility_mode=6401 16777214 66 100 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=86256
# found=1
# cleaned=0
# scan_time=6016
C:\swsetup\Unlocker\unlocker1.9.0.exe Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I
Finally, ran BitDefender online scan. Log:
QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Fri Oct 12 00:20:19 2012
Machine ID: CC2BACCB
No infection found.
-------------------
Processes
---------
Acronis Scheduler 2 1440 C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
Acronis Scheduler Helper 2560 C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
Acronis True Image 2620 C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
Acronis True Image 2488 C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
ATI Desktop Component 1984 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
ATI External Event Utility for WindowsN 868 C:\WINDOWS\system32\ati2evxx.exe
ATI External Event Utility for WindowsN 1940 C:\WINDOWS\system32\ati2evxx.exe
avast! Antivirus 1524 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
avast! Antivirus 456 C:\Program Files\AVAST Software\Avast\AvastUI.exe
Bonjour 428 C:\Program Files\Bonjour\mDNSResponder.exe
Broadcom 802.11 Network Adapter Wireles 3256 C:\WINDOWS\system32\bcmntray.EXE
Broadcom 802.11 Network Adapter Wireles 1300 C:\WINDOWS\system32\BCMWLTRY.EXE
Dropbox 2664 C:\Documents and Settings\Carl\Application Data\Dropbox\bin\Dropbox.exe
Emsisoft Online Armor 1308 C:\Program Files\Online Armor\oacat.exe
HP PML 2428 C:\WINDOWS\system32\HPZipm12.exe
hp Wireless Assistant 2292 C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
hpqwmi Module 3564 C:\Program Files\HPQ\shared\hpqwmi.exe
iTunes 2348 C:\Program Files\iPod\bin\iPodService.exe
iTunes 3376 C:\Program Files\iTunes\iTunesHelper.exe
Java Platform SE 7 U7 2140 C:\Program Files\Java\jre7\bin\jqs.exe
Java Platform SE Auto Updater 2 0 3684 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Microsoft® Windows Live ID 2752 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Microsoft® Windows Live ID 3824 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
Microsoft® Windows® Operating System 1588 C:\WINDOWS\system32\spoolsv.exe
Microsoft® Windows® Operating System 1604 C:\WINDOWS\system32\wscntfy.exe
MobileDeviceService 1916 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PaperPort 2416 C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
Quick Launch Buttons 2076 C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
QuickBooks Automatic Update 3308 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
Quicken 98 for Windows 3568 C:\QUICKENW\QWDLLS.EXE
QuickTime 3612 C:\Program Files\QuickTime\QTTask.exe
RIMBBLaunchAgent 3452 C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
SmartUI Application 3440 C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
Synaptics Pointing Device Driver 1076 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Virtual Sound Canvas 3.2 2684 C:\Program Files\Roland\VSC32\Vsc32Cnf.exe
Virtual Sound Canvas 3.2 3048 C:\Program Files\Roland\VSC32\vscvol.exe
WLTRYSVC.EXE 1288 C:\WINDOWS\system32\WLTRYSVC.EXE
(verified) Microsoft® Windows® Operating System 400 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 608 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 2136 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 700 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 688 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 532 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 1164 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1064 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 984 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 944 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 896 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2608 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1708 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 3548 C:\WINDOWS\system32\wbem\wmiprvse.exe
(verified) Microsoft® Windows® Operating System 644 C:\WINDOWS\system32\winlogon.exe
(verified) Windows® Internet Explorer 2944 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 2484 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 3032 C:\Program Files\Internet Explorer\iexplore.exe
Network activity
----------------
Process AvastSvc.exe (1524) connected on port 80 (HTTP) --> 77.234.40.54
Process iexplore.exe (2484) connected on port 80 (HTTP) --> 23.60.127.139
Process iexplore.exe (2484) connected on port 80 (HTTP) --> 74.125.226.72
Process iexplore.exe (2484) connected on port 80 (HTTP) --> 66.235.142.2
Process Dropbox.exe (2664) connected on port 80 (HTTP) --> 199.47.219.150
Process svchost.exe (944) listens on ports: 135 (RPC)
Process spoolsv.exe (1588) listens on ports: 47544
Process Dropbox.exe (2664) listens on ports: 17500
Autoruns and critical files
---------------------------
Acronis Scheduler Helper C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
Acronis True Image C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
Acronis True Image C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
ATI Desktop Component C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
ATI External Event Utility for NT, W2K C:\WINDOWS\system32\Ati2evxx.dll
avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastUI.exe
Broadcom 802.11 Network Adapter Wireles C:\WINDOWS\system32\bcmntray.EXE
Dropbox C:\Documents and Settings\Carl\Application Data\Dropbox\bin\Dropbox.exe
DVDCheck Application C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
Emsisoft Online Armor C:\Program Files\Online Armor\oaevent.dll
Emsisoft Online Armor C:\Program Files\Online Armor\OAui.exe
hp Wireless Assistant C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
iTunes C:\Program Files\iTunes\iTunesHelper.exe
Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\logon.scr
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\upnpui.dll
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
PaperPort C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
Quick Launch Buttons C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
QuickBooks Automatic Update C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
Quicken 98 for Windows C:\QUICKENW\QWDLLS.EXE
Quicken 99 for Windows C:\QUICKENW\BILLMIND.EXE
QuickTime C:\Program Files\QuickTime\QTTask.exe
RIMBBLaunchAgent C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
Sonic Update Manager C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPStart.exe
Virtual Sound Canvas 3.2 C:\Program Files\Roland\VSC32\Vsc32Cnf.exe
Virtual Sound Canvas 3.2 C:\Program Files\Roland\VSC32\vscvol.exe
新注音 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
(verified) Google Update C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
(verified) Microsoft IME 2002 C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\msfeedssync.exe
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll
Browser plugins
---------------
AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
atcliun C:\WINDOWS\Downloaded Program Files\atcliun.exe
avast! Antivirus C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Download PDF Files C:\Program Files\PlotSoft\PDFill\\DownloadPDF.exe
Geac ReView ActiveX Control Module C:\WINDOWS\Downloaded Program Files\GeacRevw.ocx
Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
Google Update C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll
Google Update C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
Hewlett-Packard Online Support Services C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll
HPDEXAXO C:\WINDOWS\Downloaded Program Files\HPDEXAXO.dll
Java Deployment Toolkit 7.0.70.11 C:\WINDOWS\system32\npDeployJava1.dll
Java Platform SE 7 U7 C:\Program Files\Java\jre7\bin\jp2ssv.dll
Java Platform SE 7 U7 C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
Java Platform SE 7 U7 C:\Program Files\Java\jre7\bin\ssv.dll
LMIGuardianDll C:\WINDOWS\Downloaded Program Files\LMIGuardianDll.dll
LMIGuardianEvt C:\WINDOWS\Downloaded Program Files\LMIGuardianEvt.dll
LMIGuardianSvc C:\WINDOWS\Downloaded Program Files\LMIGuardian.exe
LMIProxyHelper.exe C:\WINDOWS\Downloaded Program Files\LMIProxyHelper.exe
LogMeIn, Inc. Remote Access Components C:\WINDOWS\Downloaded Program Files\avutil-51.dll
LogMeIn, Inc. Remote Access Components C:\WINDOWS\Downloaded Program Files\swscale-2.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows Live ID C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
NICEClient Module C:\WINDOWS\Downloaded Program Files\NICEClient.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
NPWebSLLauncher.dll C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
Quicken 99 for Windows C:\Program Files\Internet Explorer\plugins\NPIPA32S.DLL
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
RACtrl.dll C:\WINDOWS\Downloaded Program Files\RACtrl.dll
Silverlight Plug-In c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
WebEx Download Module C:\WINDOWS\Downloaded Program Files\ieatgpc.dll
Windows Live® Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
Missing files
-------------
File not found: C:\Program Files\Unlocker\UnlockerAssistant.exe
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"UnlockerAssistant"
Scan
----
MD5: 51464b6c373cd07e7d4a6cc9294ed67c C:\Documents and Settings\Carl\Application Data\Dropbox\bin\Dropbox.exe
MD5: 6d74290856347cf8682277a54b433d4b C:\Documents and Settings\Carl\Application Data\Dropbox\bin\DropboxExt.14.dll
MD5: 586fdc4e02623ee228ec35b9604ae5f2 C:\Documents and Settings\Carl\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll
MD5: 6967bb5fe689ba4b1ddf5d3a1b089b16 C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
MD5: d1f5888200266a102b3a02b68f3564f5 C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
MD5: 84cbd6f6aa7ee399fbdc265b8ea64474 C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
MD5: 34ebd4ff6a24d86bb4716d6afcc1a89b C:\Program Files\Apple Software Update\SoftwareUpdate.exe
MD5: e66c464bd44819419fd06be53808b502 C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll
MD5: b3c8bd20ff23c2cf8c12df787eb3d95f C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll
MD5: 6a9834bf17482ff089c62d12bc09985f C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
MD5: e66808be541b0e7b153b82864e7cc87c C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.ENU
MD5: 4cc47e4fea86625fd5419d864e6a16d1 C:\Program Files\AVAST Software\Avast\1033\Base.dll
MD5: 6dbfcd6270bc91eaee1ccdfcb02e4378 C:\Program Files\AVAST Software\Avast\1033\UILangRes.dll
MD5: 3a2cf698443ead2c14cf528b4f2a51a0 C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MD5: c5dbd35cf4eb0cb8e72a7b6da2edea51 C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MD5: 44df3797cd24300ba70d94d61a0ddd4b C:\Program Files\AVAST Software\Avast\AhAScr.dll
MD5: 545de96d552aedcde95d1c86bdc9b95b C:\Program Files\AVAST Software\Avast\AhResBhv.dll
MD5: d7bf4e050440cf0b7b2a2596f0f370f3 C:\Program Files\AVAST Software\Avast\AhResJs.dll
MD5: 37dad7ca011038616e067c8f62029fd0 C:\Program Files\AVAST Software\Avast\AhResMai.dll
MD5: 8122ee05f327ef470670e2cddffeb929 C:\Program Files\AVAST Software\Avast\AhResMes.dll
MD5: effa04908678ef527ea32b2e2ee6ec93 C:\Program Files\AVAST Software\Avast\AhResNS.dll
MD5: a5905c582c88ae8d56834ce4a3627fd1 C:\Program Files\AVAST Software\Avast\AhResP2P.dll
MD5: 9207f1a1440eaf18be0d0c1d487e4f02 C:\Program Files\AVAST Software\Avast\AhResStd.dll
MD5: 4509d54df9276534ac433f80e8392206 C:\Program Files\AVAST Software\Avast\AhResWS.dll
MD5: 1d716eb7bcc07f5b1ef442b13a5fddfe C:\Program Files\AVAST Software\Avast\ashBase.dll
MD5: 7e118d66ecaccf3299f732ed0f3ce467 C:\Program Files\AVAST Software\Avast\ashServ.dll
MD5: c98fac19a0ffa2a65f2bd73fa2d9d693 C:\Program Files\AVAST Software\Avast\ashShell.dll
MD5: dea2847bfcd2bcce777c27db47a69eb8 C:\Program Files\AVAST Software\Avast\ashTask.dll
MD5: 2566c94919f8f46215e38f3357011ebf C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MD5: d77b93504cafe32d9051a241bdc21b33 C:\Program Files\AVAST Software\Avast\aswAra.dll
MD5: 3c1513365eff8d185c5bb2bdebbe5d3a C:\Program Files\AVAST Software\Avast\aswAux.dll
MD5: 46856447f0ebf2f7b2473660b056b419 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MD5: 061e11a56cdcab73188e216280c05d66 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MD5: 3c1ee2fffcbef877934efdf3a5c3bcb1 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MD5: a4865dd58110a6455921d9b4f2d6d991 C:\Program Files\AVAST Software\Avast\aswData.dll
MD5: 0f84219e9fc89d4fec963f78e4983e0b C:\Program Files\AVAST Software\Avast\aswDld.dll
MD5: 42a6dc8b861ef5bd6af8dc2cbd7df321 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MD5: 35bd2aabe21e86d760d4fb93225d8bb4 C:\Program Files\AVAST Software\Avast\aswIdle.dll
MD5: c97002a83722ad37a37a35cde3ff3ffa C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MD5: 3079f9345ed39d0e9da1d5e8cc407235 C:\Program Files\AVAST Software\Avast\aswLog.dll
MD5: 662e62f776a508ca4c997f7da8007769 C:\Program Files\AVAST Software\Avast\aswProperty.dll
MD5: 1d445e0fd43be0f81c07dffbf6ab92ec C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MD5: 3b3ad17faaa838cc0368f0947b5d43db C:\Program Files\AVAST Software\Avast\aswStrm.dll
MD5: 28f9344a4adfe21d1be8d05b2529df4a C:\Program Files\AVAST Software\Avast\aswUtil.dll
MD5: 69985f4660a5e6ce99a603e492011d2f C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
MD5: b174de0de6c9aa8affd3b926653e625f C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
MD5: 04ac21e821f259845bd7367cee057290 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
MD5: bad0d303ef0a519409c625738f3e10a3 C:\Program Files\AVAST Software\Avast\AvastUI.exe
MD5: c678f64dc988a4aacecddb459fdb7a25 C:\Program Files\AVAST Software\Avast\CommonRes.dll
MD5: 839be94fd89ee545a900de8454c6e07d C:\Program Files\AVAST Software\Avast\defs\12101101\algo.dll
MD5: aa11564cf8c3a8c70d707135264703a8 C:\Program Files\AVAST Software\Avast\defs\12101101\aswCmnBS.dll
MD5: 2935740e9e6b71c6d28cda78e2ecdabd C:\Program Files\AVAST Software\Avast\defs\12101101\aswCmnIS.dll
MD5: 9ab833956eb46ba28fae9611569ab921 C:\Program Files\AVAST Software\Avast\defs\12101101\aswCmnOS.dll
MD5: 1869c1a8abb6d3e0b7fa81ee4346dc14 C:\Program Files\AVAST Software\Avast\defs\12101101\aswEngin.dll
MD5: 6f870133450801aaaf72aab95ab58f95 C:\Program Files\AVAST Software\Avast\defs\12101101\aswFiDb.dll
MD5: 9ae6fe1cbc6d3654d1be931b331176ec C:\Program Files\AVAST Software\Avast\defs\12101101\aswRep.dll
MD5: 45551558282528dd5ad76606d51e6f09 C:\Program Files\AVAST Software\Avast\defs\12101101\aswScan.dll
MD5: 695106df3c15a9ea30069cceceec2b66 C:\Program Files\AVAST Software\Avast\defs\12101101\uiExt.dll
MD5: 2b460ca1ac9a2249c92e54e39a8acf42 C:\Program Files\AVAST Software\Avast\snxhk.dll
MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe
MD5: af327fd79ae84b67003cc65a2d7a9534 C:\Program Files\Common Files\Acronis\Common\rpc_client.dll
MD5: 4207ce28bfa4c6443ead3e650c938498 C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
MD5: 09951dd226e17a62fed1178404846d02 C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
MD5: 6cd44651413ce8f6f8a66760b027d23c C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
MD5: ba0ed7aa3c36a8da27ded1d6b3508158 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
MD5: 280d33db8697fdef8ccf2b9eef9ea5cb C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
MD5: b63e5c7807334a3a8f731062f15462cc C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MD5: 605c6370240fc79cadbcd34960a741d2 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
MD5: 35ac4b63cbb9fb6b4472913e9948b517 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
MD5: ba02f01be7ed88e8974c798acb3075f5 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MD5: 5d76c8cc87d0efbe0b4a3bef6b67ebf0 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
MD5: 67b539d844f804ebac7a1e3828fde709 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: 3bde52411df2fe4252c9289f51cb0f7e C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: 5a963c340de1a01ba6e24945ce05d16a C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: f4bc62990e7e5c29799a895b80fc3177 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 5e33c164dc7fa74728d8a83036c438bb C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 32d78dcabfb942275e01363d5232c77d C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
MD5: 8ba9851e671e8b5e49e303748ffd530c C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: 2dedc3afe3c49b5dae717d0a9bebf298 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 3debbecf665dcdde3a95d9b902010817 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: 1224bc6de919f8cd8c1c945280e63852 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
MD5: 06a4250c9e3606cae3f68da45702f342 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MD5: 905b5bf5be0a86e8412801bf20357195 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
MD5: f5dd097058c147cde4c5aa476b2f3f2c C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\dbghelp.dll
MD5: 82ae62c028e3891a9f916a2ebcebe451 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgrps.dll
MD5: 5a95d6fd0d4c2f9da2409a19cf15c3cb C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgRequestMgr.dll
MD5: 61d6d25088621dd783e23fcad891c756 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBUChannel.dll
MD5: 28957d38b5b769c2ed64795ff8c968ce C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
MD5: b5c7aee98577e442849b7cf1100bfa1c C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\SendError.dll
MD5: 58c48b7039f902a1d3925a94f9a93fd0 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\stlport_vc746.dll
MD5: 12916e0642e92561c98b18a2a2d01b14 C:\Program Files\Common Files\Java\Java Update\jusched.exe
MD5: fb4c7b747d17882f8c5e3644cf07012f C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll
MD5: 5eb87ba0b93ca7e894fc8002e3ce4c2a C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
MD5: 76ca0cd601b068dfd028683b7d2ba365 C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
MD5: 58c336b8d6744f7e7b895748f3c92cea C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MD5: 22fd4e58d69969a9165721c797d54931 C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
MD5: 751ee920d6811584e5b1f0b153a5a4e2 C:\Program Files\ESET\ESET Online Scanner\OnlineScanner.ocx
MD5: 2437be68d5a37a75fad51c5f0e9a03ed C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
MD5: 586fdc4e02623ee228ec35b9604ae5f2 C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
MD5: 70afb763fbbd9725b753184253d323cb C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
MD5: eb064a80cc5c4d6ed9f1992830d3226b C:\Program Files\HPQ\Quick Launch Buttons\CPQINFO.DLL
MD5: c81a184bc726ca2541c75483e40265c2 C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
MD5: 16ba2e5ac0b9a71ba44dcca8e67a94f3 C:\Program Files\HPQ\Quick Launch Buttons\HPQPRES.DLL
MD5: 61556fa814f907bced618b64da66212a C:\Program Files\HPQ\shared\hpqwmi.exe
MD5: 028fd0e10b2248c75f07e2fec2562e2e C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 75abd8046a91ddf6c4bba9ec552e13f4 C:\Program Files\Internet Explorer\plugins\NPIPA32S.DLL
MD5: 0a7b01235b1cbfa387b04a91e2f2b7d0 C:\Program Files\Internet Explorer\plugins\nppdf32.dll
MD5: c0ed6e0f33ac13dccd339a1480a308f3 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: c0ed6e0f33ac13dccd339a1480a308f3 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: c0ed6e0f33ac13dccd339a1480a308f3 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: c0ed6e0f33ac13dccd339a1480a308f3 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: c0ed6e0f33ac13dccd339a1480a308f3 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: c0ed6e0f33ac13dccd339a1480a308f3 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: c0ed6e0f33ac13dccd339a1480a308f3 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: bc95b80d8699f3ecccc467bff97fd9a4 C:\Program Files\Internet Explorer\xpshims.dll
MD5: 54339984fd1de5495563d751ecf350a9 C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
MD5: 178fe38b7740f598391eb2f51ae4ccac C:\Program Files\iPod\bin\iPodService.exe
MD5: 7732270d44bb0f8c3111848f9e1a0b53 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL
MD5: b8a7305083996a333089119e63c29d51 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL
MD5: bbf53397690ba8931c21352d246c744c C:\Program Files\iTunes\iTunesHelper.dll
MD5: 444eb38a256be60f2013488c49d2ab3f C:\Program Files\iTunes\iTunesHelper.exe
MD5: f70af9eb44cc52c2da23ba23a69ae977 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL
MD5: ca4674baeb26baee4e54ae588c2c74fb C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MD5: 64151c0799431e0304ae1bd6202131a7 C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: 87e063f1e676c99b6c1c047794deb115 C:\Program Files\Java\jre7\bin\jp2ssv.dll
MD5: a12175f063302cd68f8fc6d572d7e5fd C:\Program Files\Java\jre7\bin\jqs.exe
MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files\Java\jre7\bin\MSVCR100.dll
MD5: 632f5b29e8c27631e7ac76e330fe2980 C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
MD5: a8ea3f37f4f31e620383f40526e723fe C:\Program Files\Java\jre7\bin\ssv.dll
MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe
MD5: 9013599b12923a45c029c34e8d2211ac c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
MD5: 1a008cbb313f7a6644b883ae1829393b C:\Program Files\Online Armor\oacat.exe
MD5: e43911a8c5fe61cf9cf17faff404a17a C:\Program Files\Online Armor\oaevent.dll
MD5: a54b4fbc24c4ede34beb5f8d8974752a C:\Program Files\Online Armor\oasrv.exe
MD5: 0aefdadcda44d8ce3c57bb32b7a3ced5 C:\Program Files\Online Armor\OAui.exe
MD5: b96bec4b15f353ea25b173120662ea61 C:\Program Files\Online Armor\OAwatch.dll
MD5: aac11c63106b5d92631d5892315c975b C:\Program Files\PlotSoft\PDFill\\DownloadPDF.exe
MD5: 916a2c4eb028604783fd5ea169236c1d C:\Program Files\QuickTime\QTTask.exe
MD5: 939e091564a2d1df9fc185909e0e0592 C:\Program Files\Roland\VSC32\Vsc32Cnf.exe
MD5: bb15e7ac61895a9d9aa107a3be5f1612 C:\Program Files\Roland\VSC32\vscvol.exe
MD5: 1bf96a5ed033719387c50008b70d0d80 C:\Program Files\Scansoft\PaperPort\blicectr.dll
MD5: ccdc00f353963e9e7dd839817b89d593 C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
MD5: 80f90a0f0b293c276a5235ce334088a7 C:\Program Files\Scansoft\PaperPort\SmartUI\psom.dll
MD5: 7893e209a13b52651560fab999614ff2 C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
MD5: f07af60b152221472fbdb2fecec4896d C:\Program Files\Skype\Updater\Updater.exe
MD5: cf76682825ba63d4527de57da469d325 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MD5: ab349998e551de1c0dcc5ad63ce41d31 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
MD5: a3418e4d4a5ee636d44922dc2567fa18 C:\Program Files\Synaptics\SynTP\SynTPStart.exe
MD5: c7160fe5db910734b5c525b771b2fa0f C:\QUICKENW\BILLMIND.EXE
MD5: f9f23f028fe0bb26a71cfaf98117fcf8 C:\QUICKENW\INET\COMMON\SYSTEM\excite.dll
MD5: 45fc28ade3ea135d2138b3ca6617df27 C:\QUICKENW\LFCMP70N.DLL
MD5: 13787615e10a4757f555c37326ad0e9f C:\QUICKENW\LTFIL70N.DLL
MD5: 46f06ce18b280b88f84cc9fd06e784ad C:\QUICKENW\LTKRN70N.dll
MD5: 0f68d1e8d4e93e9c83e97470c7b1d30b C:\QUICKENW\ONLNCALL.dll
MD5: 0c9af60868fc373604c2cf4b1ed1355e C:\QUICKENW\QACCES32.DLL
MD5: bfa6de8cd999894c0d98d33e41032d98 C:\QUICKENW\QDB.dll
MD5: 1886576897947393425ce5f268c171c1 C:\QUICKENW\qdbbase.dll
MD5: 4cf0340064bdf2ebf08e6fe86e88f422 C:\QUICKENW\QVERSION.dll
MD5: 50303f9068f231fcf1983f9ef6bcdcb7 C:\QUICKENW\QWDLLS.EXE
MD5: 08ce4262c7c386062593a662fae2a5a8 C:\QUICKENW\QWENC.dll
MD5: 87fdd3ba711c8dde7bcdc1bcbb6761f0 C:\QUICKENW\QWRMND.DLL
MD5: 24016cabfc21b462130db0983fbc0ae0 C:\QUICKENW\QWUTIL7.dll
MD5: 96221a7c40996e0d2ff1f43d82040216 C:\QUICKENW\QWWIN.DLL
MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL
MD5: 77e6673a112c98f99ef44776f4de2e4d C:\WINDOWS\AppPatch\AcLayers.DLL
MD5: 1b773bc7fb903eb95dfb51943079491d C:\WINDOWS\Downloaded Program Files\atcliun.exe
MD5: 09561c776803b43bc3ea65241dad578a C:\WINDOWS\Downloaded Program Files\avutil-51.dll
MD5: 1c68d0ba06a143bbad9da8cc460caa95 C:\WINDOWS\Downloaded Program Files\GeacRevw.ocx
MD5: cde357cd3fc047f5c7d8b8345b6a42bf C:\WINDOWS\Downloaded Program Files\HPDEXAXO.dll
MD5: 50c0949e6219214df11d7519e5052c3b C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll
MD5: 88171510eeb371cd063de0879fabb84f C:\WINDOWS\Downloaded Program Files\ieatgpc.dll
MD5: 8ddb1dc9b41b152e2c01e6cc6b26e684 C:\WINDOWS\Downloaded Program Files\LMIGuardian.exe
MD5: a02a4fde3191f652857d9c087c6c12a9 C:\WINDOWS\Downloaded Program Files\LMIGuardianDll.dll
MD5: 990ed734254b1d43884bd4a856e75b2e C:\WINDOWS\Downloaded Program Files\LMIGuardianEvt.dll
MD5: 2715012b6615d3bbd3eb45cb6aeb57f3 C:\WINDOWS\Downloaded Program Files\NICEClient.dll
MD5: 56940b50ab0e5923822f47b0e4463885 C:\WINDOWS\Downloaded Program Files\qsax.dll
MD5: da90c98f231e25fd87d7984a6831f8ae C:\WINDOWS\Downloaded Program Files\RACtrl.dll
MD5: 190040d02e6b16047d63e3bebb2e174c C:\WINDOWS\Downloaded Program Files\swscale-2.dll
MD5: 219af0f9a54ebeeb3e7e20025d801034 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll
MD5: ea3af33a9341b88d23fdc20d6ec826fe c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll
MD5: 1c88cf5977c016a37bfac1178daa7822 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: 36ba8022693af7e967359ff3f97531d7 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll
MD5: 327de7a9766cc9aa302c8d7f3925c8ce c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: 82519dcb6f4f0c346f393911cf892e16 C:\WINDOWS\System32\AegisE5.dll
MD5: 8bcd3a1aff14feafe8466aaec7fc900c C:\WINDOWS\system32\Ati2edxx.dll
MD5: 7fb0a47ea30dd0c4d614accf9e87c0d0 C:\WINDOWS\system32\Ati2evxx.dll
MD5: abc57a6f6070baf9786c318f59f29f0b C:\WINDOWS\system32\ati2evxx.exe
MD5: 5a4557451d70524f78200d63d7bb0f6b C:\WINDOWS\system32\bcmntray.EXE
MD5: 2f6688ad4d722af6b40761fc8fc8f63c C:\WINDOWS\system32\BCMWLTRY.EXE
MD5: cfd4e51402da9838b5a04ae680af54a0 c:\windows\system32\browser.dll
MD5: 7f264ba2145c56eeb7b81ea8badd3d4f C:\WINDOWS\system32\CNARLMNT.DLL
MD5: 4fc7917656395df2f171a99dfb141a16 C:\WINDOWS\system32\CNCF2Lm.DLL
MD5: aa584a3112d129fe7ed2356efbb28a8f C:\WINDOWS\system32\CNMLMA7.DLL
MD5: 8adc2947ff8ef5a7b7d0409702069273 C:\WINDOWS\system32\CNMNPPM.DLL
MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll
MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll
MD5: 8fcf03e4d7be9b5587ccf11719959006 C:\WINDOWS\system32\corpol.dll
MD5: 6bee5d4eff0a0341bcc4a462d81ccfc1 C:\WINDOWS\system32\CRYPT32.dll
MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll
MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\System32\CSCDLL.dll
MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll
MD5: d5f2ea37664ea5a75bff95246861beee C:\WINDOWS\system32\custmon2k.dll
MD5: 56adb11f7d4d0816c0be1e701c1b5e52 C:\WINDOWS\system32\D3DIM700.DLL
MD5: b1762156256b0238c21baa4c06cef727 C:\WINDOWS\system32\DEVMGR.DLL
MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll
MD5: aa0507f0516a4dff1b1279ab4a2abb37 C:\WINDOWS\system32\DINPUT8.dll
MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll
MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll
MD5: 062373995eae5f0eac9eaa9192136bfb C:\WINDOWS\system32\dnssd.dll
MD5: 2c5c22990156a1063e19ad162191dc1d C:\WINDOWS\system32\DRIVERS\AegisP.sys
MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys
MD5: a2d5f093f9cb160c183c77015704f156 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
MD5: 03621f7f968ff63713943405deb777f9 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
MD5: 37f385a93c620cbe0f89c17e45f697a1 C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
MD5: 4ba311473e0d8557827e6f2fe33a8095 C:\WINDOWS\System32\Drivers\Brfilt.sys
MD5: 8e06cd96e00472c03770a697d04031c0 C:\WINDOWS\System32\Drivers\BrSerWdm.sys
MD5: 37e2d0b12ddf536cd64af6eb3b580ef8 C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
MD5: 1c5f014048e5b2748c1a8ad297c50b6f C:\WINDOWS\System32\Drivers\BrUsbScn.sys
MD5: 23913c28ac89875bbfa03bccdc3a41e5 C:\WINDOWS\system32\drivers\camc6aud.sys
MD5: e6edb12a44dafcef05dbddf3ed652388 C:\WINDOWS\system32\drivers\camc6hal.sys
MD5: 1fc1eed3ea0c3a0ecf8a95b97e1b4831 C:\WINDOWS\System32\DRIVERS\dvd43llh.sys
MD5: 81b7808d3b5892388f33273119c2dc31 C:\WINDOWS\system32\drivers\EABFiltr.sys
MD5: 1ba14da377b66278335d4b9e8824cd42 C:\WINDOWS\system32\drivers\eabusb.sys
MD5: 30ca91e657cede2f95359d6ef186f650 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
MD5: efd31afa752aa7c7bbb57bcbe2b01c78 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
MD5: 7ac43c38ca8fd7ed0b0a4466f753e06e C:\WINDOWS\system32\DRIVERS\HPZius12.sys
MD5: 473ee64c368ce2eed110376c11960259 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
MD5: dfa8f86c0dbca7db948043aa3be6793b C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
MD5: 13d4b70bf2f9bc550e9079da864d3ec1 C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
MD5: 3c318b9cd391371bed62126581ee9961 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
MD5: a7da20ab18a1bdae28b0f349e57da0d1 C:\WINDOWS\system32\DRIVERS\mf.sys
MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys
MD5: c0ba927c3a1a62f2bf664f242d91c082 C:\WINDOWS\system32\drivers\OADriver.sys
MD5: c968369e2bc5f6a8426c1e7d78e33f1b C:\WINDOWS\system32\drivers\oahlp32.sys
MD5: 04e7e92cd91e61e0cc1bdf849032ad81 C:\WINDOWS\system32\drivers\OAmon.sys
MD5: f3250d94bee44a0d00939f10830b3563 C:\WINDOWS\system32\drivers\OAnet.sys
MD5: 30cbae0a34359f1cd19d1576245149ed C:\WINDOWS\System32\Drivers\PxHelp20.sys
MD5: 3a5633ad615e2b15291bd0b1b97ccd8a C:\WINDOWS\system32\DRIVERS\RimSerial.sys
MD5: 4f4a4c09cc5be58a76cac1c337e004e6 C:\WINDOWS\System32\Drivers\RimUsb.sys
MD5: 3529828ec571fb2f64f6b142f9109993 C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
MD5: 5052dbafc8f4e4507e6ad0d467dd3529 C:\WINDOWS\system32\DRIVERS\snapman.sys
MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys
MD5: 0f332c0ba9b968ebc8cbb906416f8597 C:\WINDOWS\system32\DRIVERS\SynTP.sys
MD5: e4c85c291ddb3dc5e4a2f227ca465ba6 C:\WINDOWS\system32\drivers\tifm21.sys
MD5: b84b82c0cbeb1b0d7eb7a946bade5830 C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
MD5: 74711884439bdf9ccf446c79cb05fac0 C:\WINDOWS\system32\DRIVERS\timntr.sys
MD5: f7035815c23df5dad8a686c1cda20f3e C:\WINDOWS\system32\DRIVERS\vsc.sys
MD5: 56242d5be3bfc8f2a212e6d1f9a16697 C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll
MD5: 06f6ee9bb3e128f5b686d9f1a2d649b7 C:\WINDOWS\system32\fpmon5.dll
MD5: 985f5979a3737bfaeb97a7d5858fa4d5 C:\WINDOWS\system32\fpres532.dll
MD5: adbb61bf0b9c97de818090738ec71e57 C:\WINDOWS\system32\hptcpmib.dll
MD5: 4e460240cb29778f5f8c1feb38806679 C:\WINDOWS\system32\HpTcpMon.dll
MD5: e2a611081dc6d6a13ad3a9dd2f291f30 C:\WINDOWS\system32\HPTcpMUI.dll
MD5: fdb859f93c8491f961c3b9168fa90f51 C:\WINDOWS\system32\hpz3l054.dll
MD5: d31f88c5f19eefa366a415d6bc5f2abc C:\WINDOWS\system32\HPZipm12.exe
MD5: ee142789631138c42112b5b757dde6a9 C:\WINDOWS\system32\hpzjrd01.dll
MD5: d573deb87cb2df4e5116d2a4e284eab4 C:\WINDOWS\system32\ieframe.dll
MD5: ff5dc0e7b0fb876523751bc39b0ffc9f C:\WINDOWS\system32\iepeers.dll
MD5: 0579cc3b95edd1ce664a35e016f3dd58 C:\WINDOWS\system32\iertutil.dll
MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll
MD5: 024dc0f68df5fd6ae9dd82dfbaf479d6 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
MD5: 7ef7d22a23d5e8a20f2361ecaa77a26e C:\WINDOWS\system32\InetClnt.dll
MD5: e4ce951351eec584c177418776b24224 C:\WINDOWS\system32\IPROF32.dll
MD5: 0689622e6484934eb6e5f4d3a96311f9 C:\WINDOWS\system32\jscript.dll
MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll
MD5: 20fa028cb6506591a99c51432a3c0174 C:\WINDOWS\system32\LangWrbk.dll
MD5: 5677dfe438ec1f009273fc84feed6b10 C:\WINDOWS\system32\localspl.dll
MD5: 9fad7dff67555ff1e06bc4a3893024a7 C:\WINDOWS\system32\logon.scr
MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll
MD5: c7d41058eeb57f425fbd1585f9de71c4 C:\WINDOWS\system32\Macromed\Flash\Flash32_11_4_402_265.ocx
MD5: de3745a51b7ac7fedc356a83f76c8023 C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\System32\MFC42.DLL
MD5: f6f2bfc17069eb335acceef7595f9302 C:\WINDOWS\System32\mfc42u.dll
MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\WINDOWS\system32\MFC71.DLL
MD5: 1e744353bd534405187a404667da3dc3 C:\WINDOWS\system32\mgmtapi.dll
MD5: c5648be5409e0aabda8c9047bac8f603 C:\WINDOWS\system32\msadp32.acm
MD5: 7473fecbcc12090389df7c60191ec09f C:\WINDOWS\system32\msfeeds.dll
MD5: df3c3ca94cbc9de07ac3eb49440a8d45 C:\WINDOWS\system32\mshtml.dll
MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll
MD5: 29bd913d8fd1feb6728dc9b43b55c1d2 C:\WINDOWS\system32\MSRATING.dll
MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll
MD5: acfee2392503dd5e457363a0510b8bcb C:\WINDOWS\system32\msxml3.dll
MD5: cac752bf84db4666ed3ce0948e6ea937 C:\WINDOWS\system32\NETAPI32.dll
MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\system32\NETSHELL.dll
MD5: ab87c54ca19675880b0cae65b8af140c C:\WINDOWS\system32\npDeployJava1.dll
MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll
MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll
MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll
MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\OLEACC.dll
MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll
MD5: 0c22278be781620b0aa2f0c85c981773 C:\WINDOWS\system32\Q_ENCLIB.DLL
MD5: 88edfc806322a1707f7aa4ae950daa5e C:\WINDOWS\system32\Q_ENCUTL.DLL
MD5: 87b45e02b60b09fd420b82e9aad06a5b C:\WINDOWS\system32\relog_ap.dll
MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll
MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll
MD5: 0f64207b49390c8063c36ae7cbf9c2db C:\WINDOWS\system32\schannel.dll
MD5: 8bcd11d38fce43a519246a91cc40de6a C:\WINDOWS\system32\security.dll
MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\SHDOCVW.dll
MD5: 6843d54bc4a40cc8c5741af750233d10 C:\WINDOWS\system32\SHELL32.dll
MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll
MD5: c5a288e4ceef5a26d105117baa3763ab C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
MD5: c5f00d15aa15cb7f55a027ff75e44bb7 C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
MD5: 4b410e9dbc93846d2e6c9ebde8304845 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp054.dll
MD5: 091baf6a902261f235b734defe0473ec C:\WINDOWS\System32\spool\PRTPROCS\W32X86\ppbipr.dll
MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe
MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll
MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll
MD5: d9dc6bf7dfc07bd4b76c34412c550f16 C:\WINDOWS\system32\SynCOM.dll
MD5: a895c257ddcc405c2f89117b65ce1251 C:\WINDOWS\system32\SynTPAPI.dll
MD5: 5c4adb808b54126c1ed2fba0eae06c63 C:\WINDOWS\system32\upnpui.dll
MD5: 9371862d37e8f0af21e4dea95e867c39 C:\WINDOWS\system32\urlmon.dll
MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe
MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll
MD5: eb2f1cd6c50b6f9f7048f556fd367e9d C:\WINDOWS\system32\vscapi.dll
MD5: 960f6d3cd9a1ba6435d7aadd102b297f C:\WINDOWS\system32\wbem\wmiprov.dll
MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll
MD5: ff1c14bca1a797ce45dd359fa2c9eda8 C:\WINDOWS\system32\WININET.dll
MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll
MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll
MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll
MD5: d458b738b4c2ce33174cfb2ce12412db C:\WINDOWS\system32\WINTRUST.dll
MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll
MD5: 5185047fa6fc614f4770b5eacceaa8d8 C:\WINDOWS\System32\wltrynt.dll
MD5: 05457d93e41ebbfb47bcb1b897836855 C:\WINDOWS\system32\WLTRYSVC.EXE
MD5: f92e1076c42fcd6db3d72d8cfe9816d5 C:\WINDOWS\system32\wscntfy.exe
MD5: 277f3e3333f1d10ca428568197fcce70 C:\WINDOWS\system32\wsnmp32.dll
MD5: fc3ec24fce372c89423e015a2ac1a31e C:\WINDOWS\system32\wuaueng.dll
MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll
MD5: ca6ade4f7761bb15b3325356dc3b82bb C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
MD5: fbfca1a574d47ee575448b719cbbf2e4 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\MFC90ENU.DLL
MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll
No file uploaded.
Scan finished - communication took 2 sec
Total traffic - 0.01 MB sent, 1.32 KB recvd
Scanned 750 files and modules - 71 seconds
==============================================================================