Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Registry keys missing [Solved]


  • This topic is locked This topic is locked

#1
Aspall38

Aspall38

    Member

  • Member
  • PipPip
  • 13 posts
I've had numerous trojans/rootkits etc recently, and although appear to be rid of any malware etc that i had, I am aware i am now missing registry keys.
When wiping infected files, i'm assuming i've taken out some vital ones, as my laptop no longer recognises my sound hardware or my webcam.
I've ran FSS to see what isn't running, i just need help on where to go from there!

Thank you,
Aspall

Farbar Service Scanner Version: 27-05-2012
Ran by Martin (administrator) on 17-10-2012 at 16:20:20
Running from "C:\Users\Martin\Desktop"
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys
[2012-05-12 10:51] - [2012-03-30 11:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\windows\system32\dnsrslvr.dll
[2011-04-14 19:24] - [2011-03-03 06:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\windows\system32\mpssvc.dll
[2009-07-14 00:53] - [2009-07-14 02:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\windows\system32\bfe.dll
[2009-07-14 00:54] - [2009-07-14 02:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll
[2009-07-14 00:23] - [2009-07-14 02:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\windows\system32\vssvc.exe
[2009-07-14 00:24] - [2009-07-14 02:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\windows\system32\wscsvc.dll
[2011-02-23 18:43] - [2010-12-21 06:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll
[2009-07-14 01:15] - [2009-07-14 02:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\windows\system32\qmgr.dll
[2009-07-14 00:30] - [2009-07-14 02:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi I can see a lot missing so I will need to check for malware first

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#3
Aspall38

Aspall38

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
OTL:

OTL logfile created on: 10/17/2012 7:18:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 2.60 Gb Available Physical Memory | 79.90% Memory free
6.50 Gb Paging File | 5.60 Gb Available in Paging File | 86.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 273.39 Gb Total Space | 166.01 Gb Free Space | 60.72% Space Free | Partition Type: NTFS
Drive D: | 182.27 Gb Total Space | 179.73 Gb Free Space | 98.61% Space Free | Partition Type: NTFS

Computer Name: MARTIN-MSI | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/17 18:47:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
PRC - [2012/09/18 11:05:12 | 001,927,736 | ---- | M] (Micro-Star International) -- C:\Program Files\MSI\Live Update 5\LU5.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/10/29 14:49:28 | 000,505,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/05/20 15:27:26 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/04/13 21:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/10/30 02:54:19 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009/07/30 04:03:56 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/30 04:03:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/24 17:52:08 | 002,068,480 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2009/07/23 02:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe
PRC - [2009/07/23 02:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
PRC - [2009/07/23 02:54:30 | 000,709,384 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmkbd2.dll -- (zpsc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\odclientservice.dll -- (zebrmdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eaps2kbd.dll -- (z525obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tvald.dll -- (yukonwxp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mhn.dll -- (yats32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ldap.dll -- (Xyz777b)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trackcam4.dll -- (XUIF)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qmofiltr.dll -- (XFX_program)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mdmxsdk.dll -- (Wuser32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adsexpb.dll -- (WUSB54Gv4SVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pctavsvc.dll -- (wps)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AEADIFilters.dll -- (WmHidLo)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\simbad.dll -- (WmaCDriverV32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w800bus.dll -- (wlancfg)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awservice.dll -- (wkscfgsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvcap.dll -- (winproxy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epfwtdi.dll -- (WINIO)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nwlnkflt.dll -- (webupdate)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cebdaldr.dll -- (websenseuserservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hotspotshieldservice.dll -- (websensepolicyserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pctoolsfirewallplus.dll -- (websensecamserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cvsnt.dll -- (websensecamreportserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ups.dll -- (webrootenterpriseclientservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\null.dll -- (Wbutton)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HWSCtrl.dll -- (was)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmsmbus.dll -- (W8335XP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\firesvc.dll -- (w800obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTSBLFX.DLL.dll -- (w550bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hamachi.dll -- (W2acehid)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsbrokerservice.dll -- (VrAcFil)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DSI_SiUSBXp_3_1.dll -- (vpcnfltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Hardlock.dll -- (vncdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rdnaoflsvc.dll -- (Via4in1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\issuser.dll -- (vhidmini)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\regmon701.dll -- (vcsw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adobeactivefilemonitor5.0.dll -- (VC6SecS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CVPNDRVA.dll -- (VAIOMediaPlatform-VideoServer-HTTP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zumbus.dll -- (V0080Dev)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mstdfrgs.dll -- (UxTuneUp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snpstd.dll -- (usprserv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PTDCBus.dll -- (uscbs108)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdss.dll -- (usbsermptxp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atiavaiw.dll -- (USB28xxOEM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\curtainssyssvc.dll -- (uploadmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cqmghost.dll -- (ufdsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\viairda.dll -- (UDFReadr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VAIOMediaPlatform-VideoServer-HTTP.dll -- (U3sHlpDr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wintabservice.dll -- (U2SP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\3comtftp.dll -- (tvicport)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlankeeper.dll -- (TUWinStylerThemeSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v124.dll -- (tunnelguardservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmdmpmsn.dll -- (TSHWMDTCP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atixsaudio.dll -- (trlokom_rmhsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mfesmfk.dll -- (transbaseservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netddedsdm.dll -- (transactional)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmparport.dll -- (TPM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hsfhwazl.dll -- (tphkdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\gs30s.dll -- (tng-doba)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\o2flash.dll -- (TNaviSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Xyz777b.dll -- (tmtdi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vserial.dll -- (tmesrv3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mnsframework.dll -- (tmactmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\E1000.dll -- (tlntsvr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wltwo51b.dll -- (thotkey)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\uclauncherservice.dll -- (tfsndrct)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxcr_device.dll -- (tdsmapi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nsm1serd.dll -- (tdrpman174)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hwpsgt.dll -- (T6963C)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifmsony.dll -- (symndis)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NWUSBModem.dll -- (sweepsrv.sys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usrbridg.dll -- (ss_mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\stylexpservice.dll -- (SRTSPL)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cicssfs.scmmc223.dll -- (SQTECH9080)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ithsgt.dll -- (spupdsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wg111nd5.dll -- (Spsmqvsm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backuplauncher.dll -- (speedfan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\k750mdfl.dll -- (spbbcsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LRMINIPORT.dll -- (SNMP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsnudf.dll -- (SndTDriverV32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lsdiorw.dll -- (SlNtHal)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\penrendezvous.dll -- (slave)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HFACSVC.dll -- (slabser)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Si3132.dll -- (sit_mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tosrfsnd.dll -- (sgeclient)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\c34nb4c5.dll -- (sfvfs02)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msk80service.dll -- (sfhlp01)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\savrtpel.dll -- (servicelayer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dxdebug.dll -- (SerTVOutCtlr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQLWriter.dll -- (SED133x)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NMSAccessU.dll -- (se44obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sony_ssm.sys.dll -- (se44nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BrPar.dll -- (SE2Cmgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pwkntmon.dll -- (SE2Bmdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ONSIO.dll -- (SE26mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ASInsHelp.dll -- (sdcplh)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\clr_optimization_v2.0.50727_32.dll -- (ScanUSBEMPIA)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmVirHid.dll -- (savrtpel)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpsc.dll -- (sagefserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATSWPDRV.dll -- (s716obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\arc.dll -- (s616unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DritekPortIO.dll -- (s616mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSSvcMgr.dll -- (s3ssavage)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ACDaemon.dll -- (s117obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\appmgmt.dll -- (s116bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA_CMIDI.dll -- (RTSTOR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifm.dll -- (RTL8169)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rrrspy.dll -- (rsvp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Cmdfl.dll -- (RR2Vbi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\svchost.dll -- (rp32service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ofcservice.dll -- (roxupnpserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ctljystk.dll -- (roxmediadb9)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s117bus.dll -- (roxmediadb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SWNC8U20.dll -- (ROCKEYNT)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winss.dll -- (rmedia)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracle_load_balancer_60_client-forms6i.dll -- (rismxdp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tones.dll -- (rimusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PCDRSRVC.dll -- (rapapp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\motoswitchservice.dll -- (raidmagt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\e1express.dll -- (racsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\3c1807pd.dll -- (ql12160)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ROB_V.dll -- (proxyhostdriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VSP1284D.dll -- (prohlp02)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sr_watchdog.dll -- (prodrv06)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tpkd.dll -- (prevxagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inetaccs.dll -- (pinetmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dpfusmgr.dll -- (pdlndtdl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nmraapache.dll -- (pdlndint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GoToAssist.dll -- (pdlncbas)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdr4_2k.dll -- (pctavsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotagent.dll -- (pcidrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\om518p.dll -- (PciBus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\noipducservice.dll -- (pcctlcom)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netdevio.dll -- (p1131vid)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}.dll -- (oracleorahometnslistener)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DCamUSBMke2.dll -- (oracleorahomedatagatherer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v2imount.dll -- (oracleorahome811cmadmin)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CdaD10BA.dll -- (oracle_load_balancer_60_server-forms6ip14)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssmdrv.dll -- (oracle%oracle_home_service%clientcache80)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winpppoverethernet.dll -- (OneCareMP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spsslm.dll -- (olregcap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsnifs.dll -- (nwlnkspx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AsuhfivrO.dll -- (nwlnkflt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTMFLT.dll -- (NWHOST)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdm.dll -- (nvnforce)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Subsonic.dll -- (nvatabus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcx1nd5.dll -- (ntsecure)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nipsvc.dll -- (NTACCESS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmccds.dll -- (nsysaudm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AR5416.dll -- (nsausvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\{a7447300-8075-4b0d-83f1-3d75c8ebc623}.dll -- (nmservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rfcomm.dll -- (nmap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcredirector.dll -- (nipsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atinevxx.dll -- (nimxdfk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bgs_sdservice.dll -- (nimcrpcsu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btserial.dll -- (nic1394)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se58mgmt.dll -- (networkx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcvsrte.dll -- (NetMsmqActivator)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8023.dll -- (ndasscsi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atitool.dll -- (naimagent32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome92tnslistener.dll -- (mwstick)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NEOFLTR_600_13319.dll -- (mwspollserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mxnic.dll -- (mrpostman)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\srv.dll -- (MRESP50)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mrobeservice.dll -- (mpservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\https-nassry.dll -- (modemcsa)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NVXBAR.dll -- (mnsframework)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlsetupsvc.dll -- (Memctl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlndoem.dll -- (megamonitorsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wacomkey.dll -- (mcredirector)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssm_mdfl.dll -- (mcafeeantispyware)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CAMFLT.dll -- (MailService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nimcdfxk.dll -- (ma763004)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\licenseservice.dll -- (lxrsge10s)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\M3AD.dll -- (lxcf_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Video3D.dll -- (lxbt_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TryAndDecideService.dll -- (lvupdtio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symevent.dll -- (lvtuner)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsproct.dll -- (lvpopflt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rimusb.dll -- (LUsbKbd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MegaSR.dll -- (logmein)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ABVPN2K.dll -- (LMouKE)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pvservice.dll -- (LKbdFlt2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateApp.dll -- (LHidUsbK)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FlexBios.dll -- (lckfldservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpqrcmc.dll -- (L6POD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kraidsvc.dll -- (kerbkey)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlancig.dll -- (k750obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\incdrm.dll -- (iviVD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\secdrv.dll -- (InterBaseServer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EQDRV5.dll -- (int15.sys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aiclient.dll -- (imountsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\db2das00.dll -- (ibmsmbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\infrastructure.dll -- (ibmpmdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\genmcmn.dll -- (iap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\uiusys.dll -- (iaimtv4)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Bnd5.dll -- (hwpsgt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tsp.dll -- (hsxhwazl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nm.dll -- (HPSLPSVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SymIM.dll -- (hpqwmiex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\IntelC51.dll -- (ghostsec)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbehci.dll -- (FlexBios)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RalinkRegistryWriter.dll -- (flashcomadmin)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fdc.dll -- (FireTDI)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MxlW2k.dll -- (firelm01)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\beatjammusicstreamingserver.dll -- (FireHook)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TUWinStylerThemeSvc.dll -- (filechecker)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\retrowdsvc.dll -- (FETNDIS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8029.dll -- (euq_monitor)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ncupdatesvc.dll -- (Epiusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Sk9920nt.dll -- (epgspooler)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensecamreportserver.dll -- (emu10k1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pgpserv.dll -- (emAudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zfdwm.dll -- (elservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpsvc.dll -- (ELmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\agpcpq.dll -- (EL90X)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s716unic.dll -- (EKECioCtl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btkrnl.dll -- (EIO_XP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ALABULK.dll -- (easdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\disk.dll -- (EACSvrMngr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lightscribeservice.dll -- (e1express)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tsmapip.dll -- (dtscsi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ASFWHide.dll -- (dntus26)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nchssvad.dll -- (dmio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PSDNServ.dll -- (d-link_st3402)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pae_avs.dll -- (dlbx_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATIBTXBAR.dll -- (dlapoolm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\odserv.dll -- (df5serv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ql1280.dll -- (deltafw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ldlcserv.dll -- (DcLps)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nicconfigsvc.dll -- (DCamUSBGrandTek)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\XFX_program.dll -- (db2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smapint.dll -- (cwafrmiregistry)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omsad.dll -- (curtainssyssvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DgiVecp.dll -- (CrystalSysInfo)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\relational.dll -- (crystaloutputfileserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dmboot.dll -- (cpqfcalm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dmdfl.dll -- (contentindex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eventclientmultiplexer.dll -- (CnxTrLan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Defrag32b.dll -- (cmudau)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateService.dll -- (cdaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdframe.dll -- (ccdecode)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\retrolauncher.dll -- (CBTNDIS5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ar5211.dll -- (carboniteservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\venturi2.dll -- (cachemgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcvmm.dll -- (BVRPMPR5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vhidmini.dll -- (Blfp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nimcrpcsu.dll -- (bdrsdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symwsc.dll -- (bdfdll)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adiusbaw.dll -- (bcoreusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winpowerrmi.dll -- (BCMTPM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TMHIDSRV.dll -- (bc_tdi_f)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awlegacy.dll -- (avidstartup)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inport.dll -- (avgio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PGPsdkDriver.dll -- (avgclean)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VX3000.dll -- (AVCamUSB20)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\isapisearch.dll -- (atmarpc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\USB28xxBGA.dll -- (ativraxx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\npkcrypt.dll -- (ATIBTXBAR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\uphclean.dll -- (ATIBTCAP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\webrootspysweeperservice.dll -- (atfsd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swwd.dll -- (asp.net_2.0.50727)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rp32service.dll -- (AsIO)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UimBus.dll -- (asctrm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PGPdisk.dll -- (asc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirectory.dll -- (ARPolicy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cmpci.dll -- (armoucfltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slave.dll -- (ARCSOFTVIRTUALCAPTURE)
SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (appmgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rpcnet.dll -- (appdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wg6n.dll -- (apache2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sbpci.dll -- (amfilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SprintRcAppSvc.dll -- (ALYac_PZSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\imapiservice.dll -- (AlteraByteBlaster)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\splitter.dll -- (agpcpq)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\naveng.dll -- (advservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hpqwmi.dll -- (aalogger)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032U.dll -- (3comtftp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpmysql.dll -- ({a7447300-8075-4b0d-83f1-3d75c8ebc623})
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fallback.dll -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sglfb.dll -- ({85ccb53b-23d8-4e73-b1b7-9ddb71827d9b})
SRV - [2012/09/12 23:59:16 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/05 12:48:32 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/22 19:29:08 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 04:03:24 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/04/13 21:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/10/30 02:54:19 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/30 04:03:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/23 02:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2009/07/23 02:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV - [2009/07/23 02:54:30 | 000,709,384 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\RESCUE\MGHwCtrl.sys -- (MGHwCtrl)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,169,608 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,064,912 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010/05/20 15:27:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2010/05/10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010/04/13 21:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009/07/30 14:10:40 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/07/13 22:01:42 | 000,516,608 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmusb.sys -- (BTMUSB)
DRV - [2009/07/10 01:13:30 | 000,040,448 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmcom.sys -- (BTMCOM)
DRV - [2009/06/29 22:30:50 | 000,027,008 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmhid.sys -- (btmhid)
DRV - [2009/06/24 11:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009/06/04 09:45:48 | 000,166,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/05/05 15:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2008/04/25 14:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007/04/17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2737658


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2737658
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\SearchScopes\{81BB7F73-58B4-44BC-B980-42A95D8974A1}: "URL" = http://uk.search.yah...p={SearchTerms}
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2737658
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.order.1: "iMesh Web Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {D19CA586-DD6C-4a0a-96F8-14644F340D60}:14.4.1
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.1.195
FF - prefs.js..keyword.URL: "http://uk.search.yah...h?fr=mcafee&p="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Martin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/03/01 19:40:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/10/17 18:55:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/12 23:59:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/04/05 11:55:19 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions
[2012/08/28 08:24:29 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\extensions
[2012/08/28 08:24:29 | 000,000,000 | ---D | M] (FreeOnlineRadioPlayerRecorder Community Toolbar) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
[2010/09/02 09:09:28 | 000,002,486 | -H-- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\searchplugins\iMeshWebSearch.xml
[2011/11/15 18:43:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/17 18:55:47 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/03/01 19:40:32 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012/09/12 23:59:17 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012/05/01 00:15:34 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/09/12 23:59:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/05/01 00:15:34 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/05/01 00:15:34 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/09/02 09:09:28 | 000,002,486 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\iMeshWebSearch.xml
[2011/09/30 14:06:01 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/09/12 23:59:15 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/05/01 00:15:34 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/06/06 07:11:17 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20120510121353.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\Toolbar\WebBrowser: (FreeOnlineRadioPlayerRecorder Toolbar) - {F999A48B-1950-4D81-9971-79018F807B4B} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Live Update 5] C:\Program Files\MSI\Live Update 5\BootStartLiveupdate.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1552212946-2046552680-650322686-1000..\Run: [Facebook Update] C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} ms-its:C:\Program Files\The Tournament Director 3\TD.lib::/comdlg32.cab (Microsoft Common Dialog Control, version 6.0 (SP6))
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6F539D9-1C12-4D93-8E59-8CA02D96789B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: appmgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: wuauserv - File not found
NetSvcs: BITS - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - %systemroot%\system32\curtainssyssvc.dll File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/17 18:47:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012/10/17 18:06:49 | 000,000,000 | ---D | C] -- C:\windows\System32\RTCOM
[2012/10/17 18:05:37 | 002,899,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkHDMI.dll
[2012/10/17 18:05:37 | 001,168,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RHDMIExt.dll
[2012/10/17 18:05:37 | 000,048,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RHCoInst.dll
[2012/10/17 18:05:36 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RH3DHT32.dll
[2012/10/17 18:05:36 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RH3DAA32.dll
[2012/10/17 18:05:33 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\WavesLib.dll
[2012/10/17 18:05:32 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSXT.dll
[2012/10/17 18:05:32 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSHD.dll
[2012/10/17 18:05:32 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSHP360.dll
[2012/10/17 18:05:32 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSWOW.dll
[2012/10/17 18:05:31 | 001,168,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkPgExt.dll
[2012/10/17 18:05:31 | 000,326,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkApoApi.dll
[2012/10/17 18:05:31 | 000,048,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkCoInst.dll
[2012/10/17 18:05:30 | 002,899,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkAPO.dll
[2012/10/17 18:05:27 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RTSndMgr.cpl
[2012/10/17 18:05:25 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DHT32.dll
[2012/10/17 18:05:25 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DAA32.dll
[2012/10/17 18:05:24 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioEQ.dll
[2012/10/17 18:05:24 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO20.dll
[2012/10/17 18:05:24 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO.dll
[2012/10/17 18:05:22 | 000,159,232 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\System32\FMAPO.dll
[2012/10/17 18:05:21 | 000,142,848 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\AERTACap.dll
[2012/10/17 18:05:21 | 000,125,952 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\AERTARen.dll
[2012/10/17 18:05:16 | 000,540,672 | R--- | C] (Realtek Semiconductor Corp.) -- C:\windows\RtlExUpd.dll
[2012/10/17 13:58:44 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{1D2F320D-D238-4816-B8FA-FA62A2CDA446}
[2012/10/16 17:51:39 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{BC1DF122-08DC-4EAF-A7A5-8C0959D664A8}
[2012/10/10 13:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\erwpusqgodbisol
[2012/10/07 19:11:52 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{C5642557-6557-4FBB-815C-7EF6B013A4BC}
[2012/10/05 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{48C305F2-27F7-4FFC-AC0A-1A0BDDF0F386}
[2012/10/04 19:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/10/03 11:47:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{B41229D3-F08A-44F6-9355-E66C9839BBD8}
[2012/09/24 12:26:33 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{DE6991EE-F9EA-4F9B-9A71-F3CFFA47D533}
[1 C:\windows\System32\drivers\*.tmp files -> C:\windows\System32\drivers\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/17 19:27:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/10/17 18:59:34 | 000,022,896 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/17 18:59:34 | 000,022,896 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/17 18:52:05 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/10/17 18:51:58 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/17 18:49:01 | 000,000,930 | -H-- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000UA.job
[2012/10/17 18:47:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012/10/17 15:23:18 | 000,005,256 | ---- | M] () -- C:\Users\Martin\Desktop\mkm.reg
[2012/10/17 15:18:26 | 139,060,642 | ---- | M] () -- C:\Users\Martin\Documents\mkm2.reg
[2012/10/10 13:20:05 | 000,069,779 | ---- | M] () -- C:\ProgramData\flssvpodwuejdxx
[2012/10/10 02:09:49 | 000,000,908 | -H-- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000Core.job
[2012/10/04 21:45:39 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[1 C:\windows\System32\drivers\*.tmp files -> C:\windows\System32\drivers\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/17 15:47:00 | 000,005,256 | ---- | C] () -- C:\Users\Martin\Desktop\wscsvc.reg
[2012/10/17 15:23:18 | 000,005,256 | ---- | C] () -- C:\Users\Martin\Desktop\mkm.reg
[2012/10/17 15:18:12 | 139,060,642 | ---- | C] () -- C:\Users\Martin\Documents\mkm2.reg
[2012/10/10 13:19:54 | 000,069,779 | ---- | C] () -- C:\ProgramData\flssvpodwuejdxx
[2012/05/29 11:37:54 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/05/29 11:37:54 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/05/29 11:37:54 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/05/29 11:37:54 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/05/29 11:37:54 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/05/24 14:21:54 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2011/02/25 00:48:36 | 000,000,096 | -H-- | C] () -- C:\ProgramData\CameraRecorder.ini

========== ZeroAccess Check ==========

[2012/09/09 11:31:18 | 000,002,048 | -HS- | M] () -- C:\$RECYCLE.BIN\S-1-5-18\$09e7d81ee082c3ccf1679bba57bd5a4e\@
[2012/09/13 00:19:15 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN\S-1-5-18\$09e7d81ee082c3ccf1679bba57bd5a4e\L
[2012/10/05 00:14:50 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN\S-1-5-18\$09e7d81ee082c3ccf1679bba57bd5a4e\U
[2012/10/04 21:42:13 | 000,000,804 | ---- | M] () -- C:\$RECYCLE.BIN\S-1-5-18\$09e7d81ee082c3ccf1679bba57bd5a4e\L\[email protected]
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[2012/10/04 21:42:07 | 000,005,120 | -HS- | M] () -- C:\windows\assembly\GAC\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = shell32.dll -- [2012/01/04 10:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 10:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2009/07/14 02:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2009/07/14 02:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/14 02:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
No service found with a name of BITS
No service found with a name of BFE
SRV - [2011/11/17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009/07/14 02:15:00 | 000,102,400 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/07/14 02:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 06:29:23 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/14 02:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
No service found with a name of SharedAccess
SRV - [2009/07/14 02:15:33 | 000,350,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/07/14 02:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/14 02:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/14 02:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2009/07/14 02:16:03 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/14 02:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 11:35:34 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/14 02:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/07/14 02:16:12 | 000,285,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/07/14 02:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/14 02:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2010/12/21 06:38:24 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 06:46:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/14 02:16:14 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/02 05:39:32 | 000,749,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/07/14 02:16:15 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 02:16:12 | 000,162,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/07/14 02:14:43 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
No service found with a name of AudioSrv
No service found with a name of AudioEndpointBuilder
SRV - [2009/07/14 02:16:13 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
No service found with a name of WinDefend
SRV - [2009/07/14 02:16:18 | 001,086,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
No service found with a name of MpsSvc
SRV - [2009/07/14 02:16:18 | 000,462,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2009/07/14 02:14:25 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/14 02:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
No service found with a name of wuauserv
SRV - [2009/07/14 02:15:12 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/14 02:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/07/14 02:16:19 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\ERDNT\cache\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 22:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 22:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

< MD5 for: SERVICES.EXE >
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/14 03:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/14 03:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Qoobox\Quarantine\C\Users\Martin\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
File not found Unable to obtain MD5 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
File not found Unable to obtain MD5 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2012/05/17 10:29:57 | 000,003,022 | ---- | M] () MD5=2C7BC154F6E056E3F98CFBB6680835B2 -- C:\Documents and Settings\Martin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\R84LQEG4\mochiads.com\services.mochiads.com.sol
[2012/05/17 10:29:57 | 000,003,022 | ---- | M] () MD5=2C7BC154F6E056E3F98CFBB6680835B2 -- C:\Users\Martin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\R84LQEG4\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MOF >
[2009/06/10 22:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 22:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/14 03:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 22:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/14 03:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 22:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 21:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 21:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WINSOCK.DLL >
[2009/07/13 22:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL
[2009/07/13 22:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7600.16385_none_fde3cf3dd3e16d0d\WINSOCK.DLL
[2009/07/13 22:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7\WINSOCK.DLL

< End of report >





extras:

OTL Extras logfile created on: 10/17/2012 7:18:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 2.60 Gb Available Physical Memory | 79.90% Memory free
6.50 Gb Paging File | 5.60 Gb Available in Paging File | 86.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 273.39 Gb Total Space | 166.01 Gb Free Space | 60.72% Space Free | Partition Type: NTFS
Drive D: | 182.27 Gb Total Space | 179.73 Gb Free Space | 98.61% Space Free | Partition Type: NTFS

Computer Name: MARTIN-MSI | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1552212946-2046552680-650322686-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{04EA5050-C67C-2C10-541E-D7E5C40EC436}" = ATI Catalyst Install Manager
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{25478065-4CB1-448C-80E4-8C4529017EE3}" = ArcSoft WebCam Companion 3
"{25D677EB-E581-6A02-589B-BBF8E574EE66}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 24
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EB67C68-2771-099F-62FE-CE55D9AF86CA}" = Catalyst Control Center Core Implementation
"{324DD2A2-EBF4-4D59-6DEF-298B25740453}" = Catalyst Control Center Graphics Light
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A9DABA1-6190-0FCD-A7E4-44C844B667D3}" = Catalyst Control Center Graphics Full Existing
"{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}" = Camera Recorder
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C6037CF-584D-1F36-62AE-55EFA7C7168C}" = CCC Help English
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543508B7-4BB3-9FB6-9233-3AFE77FAA775}" = Catalyst Control Center Graphics Full New
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{62583F2E-0E2B-BC02-AAA6-C3F261196912}" = ccc-core-static
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85643AB7-2687-4F5B-A0D1-0CC8E764B677}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E90189A-A5D4-4C0E-A908-06C4236F98EE}" = ArcSoft Magic-i Visual Effects 2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0408-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Greek) 2007
"{90120000-0016-0408-0000-0000000FF1CE}_HOMESTUDENTR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0408-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Greek) 2007
"{90120000-0018-0408-0000-0000000FF1CE}_HOMESTUDENTR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0408-0000-0000000FF1CE}" = Microsoft Office Word MUI (Greek) 2007
"{90120000-001B-0408-0000-0000000FF1CE}_HOMESTUDENTR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_HOMESTUDENTR_{DB0C1C5A-7998-4B95-8BD5-ACACD18B0B53}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0408-0000-0000000FF1CE}" = Microsoft Office Proofing (Greek) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0408-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Greek) 2007
"{90120000-006E-0408-0000-0000000FF1CE}_HOMESTUDENTR_{58D10C7E-20DE-47F0-BAFA-37A870A625F9}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_HOMESTUDENTR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0408-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Greek) 2007
"{90120000-00A1-0408-0000-0000000FF1CE}_HOMESTUDENTR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93ED8388-3C43-4D49-8081-03A0BE7D4E2F}_is1" = Poker Tournament Supervisor
"{93FE7A5C-B7B7-D638-AF72-C9FDB55C6D2B}" = ccc-utility
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9D53EB3E-EDEA-2D0D-07C1-CBF446A44E7D}" = Catalyst Control Center Graphics Previews Vista
"{A29549FD-65F3-440C-A552-6B8114CF319D}" = Skype Toolbars
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC6364D6-6A32-D198-7FFB-0F171E00BF22}" = CCC Help Italian
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B1D17925-F0B1-9C94-7FDC-6DFFC0122FDC}" = Catalyst Control Center InstallProxy
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6B4A51C-65B9-0424-A29A-1C3423172E65}" = CCC Help German
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DD7E7757-1C6F-4C35-B380-FFF587973C89}" = CCC Help Japanese
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{EAFD83A5-3C5A-25FD-4109-487872B4106F}" = Catalyst Control Center Localization All
"{EC7F0D7F-F77F-654F-1776-4D53CBD47570}" = CCC Help Spanish
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB0FDAEE-0C21-8610-B072-8B0028904E94}" = CCC Help French
"{FC2822D9-926E-4F55-B2A2-C49A0588802E}" = ArcSoft Print Creations
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"888poker" = 888poker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ESET Online Scanner" = ESET Online Scanner v3
"FreeOnlineRadioPlayerRecorder Toolbar" = FreeOnlineRadioPlayerRecorder Toolbar
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HyperCam 2" = HyperCam 2
"HyperCam Toolbar" = HyperCam Toolbar
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Motorola Bluetooth_is1" = Motorola Bluetooth
"Mozilla Firefox 15.0.1 (x86 en-GB)" = Mozilla Firefox 15.0.1 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Total Protection
"Music Editor Free" = Music Editor Free
"PokerStars" = PokerStars
"Speccy" = Speccy
"The Tournament Director 3" = The Tournament Director 3
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/3/2012 5:28:21 AM | Computer Name = Martin-msi | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: The data is invalid. .

Error - 10/3/2012 5:28:21 AM | Computer Name = Martin-msi | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: The data is invalid. .

Error - 10/3/2012 5:28:22 AM | Computer Name = Martin-msi | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: The data is invalid. .

Error - 10/3/2012 6:47:38 AM | Computer Name = Martin-msi | Source = VSS | ID = 8194
Description =

Error - 10/3/2012 6:52:34 AM | Computer Name = Martin-msi | Source = Application Error | ID = 1000
Description = Faulting application name: McSvHost.exe, version: 2.0.230.0, time
stamp: 0x4d41ff35 Faulting module name: naiann.dll_unloaded, version: 0.0.0.0, time
stamp: 0x4d545190 Exception code: 0xc0000005 Fault offset: 0x67550296 Faulting process
id: 0x670 Faulting application start time: 0x01cda1543005440e Faulting application
path: C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe Faulting module
path: naiann.dll Report Id: 6fb8ed1f-0d48-11e2-89a4-4061861eafe5

Error - 10/3/2012 12:58:29 PM | Computer Name = Martin-msi | Source = Google Update | ID = 20
Description =

Error - 10/4/2012 7:44:27 AM | Computer Name = Martin-msi | Source = VSS | ID = 8194
Description =

Error - 10/4/2012 4:12:53 PM | Computer Name = Martin-msi | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: Could not query the status of the EventSystem service.

System
Error: A system shutdown is in progress. .

Error - 10/4/2012 7:18:58 PM | Computer Name = Martin-msi | Source = VSS | ID = 8194
Description =

Error - 10/4/2012 7:23:51 PM | Computer Name = Martin-msi | Source = Application Error | ID = 1000
Description = Faulting application name: McSvHost.exe, version: 2.0.230.0, time
stamp: 0x4d41ff35 Faulting module name: naiann.dll_unloaded, version: 0.0.0.0, time
stamp: 0x4d545190 Exception code: 0xc0000005 Fault offset: 0x68a90296 Faulting process
id: 0x678 Faulting application start time: 0x01cda28650d8c198 Faulting application
path: C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe Faulting module
path: naiann.dll Report Id: 8e3c5c77-0e7a-11e2-8b96-4061861eafe5

[ System Events ]
Error - 10/17/2012 1:52:07 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 10/17/2012 1:52:07 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7003
Description = The McAfee Personal Firewall Service service depends the following
service: MpsSvc. This service might not be installed.

Error - 10/17/2012 1:52:08 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 10/17/2012 1:52:08 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7023
Description = The Mwsejcap service terminated with the following error: %%126

Error - 10/17/2012 1:54:23 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7023
Description = The McAfee VirusScan Announcer service terminated with the following
error: %%-2147024890

Error - 10/17/2012 1:59:31 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7034
Description = The McAfee SiteAdvisor Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 10/17/2012 1:59:31 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7031
Description = The McAfee Services service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 10/17/2012 1:59:31 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7031
Description = The McAfee Network Agent service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 10/17/2012 1:59:31 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7031
Description = The McAfee Proxy Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 10/17/2012 1:59:31 PM | Computer Name = Martin-msi | Source = Service Control Manager | ID = 7031
Description = The McAfee Anti-Spam Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.


< End of report >
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi it is a zero access infection

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2737658
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2737658
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2737658
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.order.1: "iMesh Web Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
[2010/09/02 09:09:28 | 000,002,486 | -H-- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\searchplugins\iMeshWebSearch.xml
[2010/09/02 09:09:28 | 000,002,486 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\iMeshWebSearch.xml
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1552212946-2046552680-650322686-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
[2012/10/10 13:20:05 | 000,069,779 | ---- | M] () -- C:\ProgramData\flssvpodwuejdxx
[2012/10/04 21:42:07 | 000,005,120 | -HS- | M] () -- C:\windows\assembly\GAC\Desktop.ini

:Files
C:\$RECYCLE.BIN\S-1-5-18\$09e7d81ee082c3ccf1679bba57bd5a4e

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#5
Aspall38

Aspall38

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
OTL logfile created on: 10/18/2012 3:15:51 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 67.64% Memory free
6.50 Gb Paging File | 5.22 Gb Available in Paging File | 80.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 273.39 Gb Total Space | 166.66 Gb Free Space | 60.96% Space Free | Partition Type: NTFS
Drive D: | 182.27 Gb Total Space | 179.73 Gb Free Space | 98.61% Space Free | Partition Type: NTFS

Computer Name: MARTIN-MSI | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/17 18:47:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
PRC - [2012/09/18 11:05:12 | 001,927,736 | ---- | M] (Micro-Star International) -- C:\Program Files\MSI\Live Update 5\LU5.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/10/29 14:49:28 | 000,505,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/05/20 15:27:26 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/04/13 21:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/10/30 02:54:19 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009/07/30 04:03:56 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/30 04:03:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/24 17:52:08 | 002,068,480 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2009/07/23 02:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe
PRC - [2009/07/23 02:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
PRC - [2009/07/23 02:54:30 | 000,709,384 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2009/07/14 02:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.DLL


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmkbd2.dll -- (zpsc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\odclientservice.dll -- (zebrmdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eaps2kbd.dll -- (z525obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tvald.dll -- (yukonwxp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mhn.dll -- (yats32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ldap.dll -- (Xyz777b)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trackcam4.dll -- (XUIF)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qmofiltr.dll -- (XFX_program)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mdmxsdk.dll -- (Wuser32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adsexpb.dll -- (WUSB54Gv4SVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pctavsvc.dll -- (wps)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AEADIFilters.dll -- (WmHidLo)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\simbad.dll -- (WmaCDriverV32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w800bus.dll -- (wlancfg)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awservice.dll -- (wkscfgsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvcap.dll -- (winproxy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epfwtdi.dll -- (WINIO)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nwlnkflt.dll -- (webupdate)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cebdaldr.dll -- (websenseuserservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hotspotshieldservice.dll -- (websensepolicyserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pctoolsfirewallplus.dll -- (websensecamserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cvsnt.dll -- (websensecamreportserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ups.dll -- (webrootenterpriseclientservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\null.dll -- (Wbutton)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HWSCtrl.dll -- (was)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmsmbus.dll -- (W8335XP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\firesvc.dll -- (w800obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTSBLFX.DLL.dll -- (w550bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hamachi.dll -- (W2acehid)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsbrokerservice.dll -- (VrAcFil)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DSI_SiUSBXp_3_1.dll -- (vpcnfltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Hardlock.dll -- (vncdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rdnaoflsvc.dll -- (Via4in1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\issuser.dll -- (vhidmini)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\regmon701.dll -- (vcsw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adobeactivefilemonitor5.0.dll -- (VC6SecS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CVPNDRVA.dll -- (VAIOMediaPlatform-VideoServer-HTTP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zumbus.dll -- (V0080Dev)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mstdfrgs.dll -- (UxTuneUp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snpstd.dll -- (usprserv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PTDCBus.dll -- (uscbs108)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdss.dll -- (usbsermptxp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atiavaiw.dll -- (USB28xxOEM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\curtainssyssvc.dll -- (uploadmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cqmghost.dll -- (ufdsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\viairda.dll -- (UDFReadr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VAIOMediaPlatform-VideoServer-HTTP.dll -- (U3sHlpDr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wintabservice.dll -- (U2SP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\3comtftp.dll -- (tvicport)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlankeeper.dll -- (TUWinStylerThemeSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v124.dll -- (tunnelguardservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmdmpmsn.dll -- (TSHWMDTCP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atixsaudio.dll -- (trlokom_rmhsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mfesmfk.dll -- (transbaseservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netddedsdm.dll -- (transactional)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmparport.dll -- (TPM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hsfhwazl.dll -- (tphkdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\gs30s.dll -- (tng-doba)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\o2flash.dll -- (TNaviSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Xyz777b.dll -- (tmtdi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vserial.dll -- (tmesrv3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mnsframework.dll -- (tmactmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\E1000.dll -- (tlntsvr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wltwo51b.dll -- (thotkey)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\uclauncherservice.dll -- (tfsndrct)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxcr_device.dll -- (tdsmapi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nsm1serd.dll -- (tdrpman174)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hwpsgt.dll -- (T6963C)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifmsony.dll -- (symndis)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NWUSBModem.dll -- (sweepsrv.sys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usrbridg.dll -- (ss_mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\stylexpservice.dll -- (SRTSPL)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cicssfs.scmmc223.dll -- (SQTECH9080)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ithsgt.dll -- (spupdsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wg111nd5.dll -- (Spsmqvsm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backuplauncher.dll -- (speedfan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\k750mdfl.dll -- (spbbcsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LRMINIPORT.dll -- (SNMP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsnudf.dll -- (SndTDriverV32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lsdiorw.dll -- (SlNtHal)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\penrendezvous.dll -- (slave)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HFACSVC.dll -- (slabser)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Si3132.dll -- (sit_mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tosrfsnd.dll -- (sgeclient)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\c34nb4c5.dll -- (sfvfs02)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msk80service.dll -- (sfhlp01)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\savrtpel.dll -- (servicelayer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dxdebug.dll -- (SerTVOutCtlr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQLWriter.dll -- (SED133x)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NMSAccessU.dll -- (se44obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sony_ssm.sys.dll -- (se44nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BrPar.dll -- (SE2Cmgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pwkntmon.dll -- (SE2Bmdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ONSIO.dll -- (SE26mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ASInsHelp.dll -- (sdcplh)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\clr_optimization_v2.0.50727_32.dll -- (ScanUSBEMPIA)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmVirHid.dll -- (savrtpel)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpsc.dll -- (sagefserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATSWPDRV.dll -- (s716obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\arc.dll -- (s616unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DritekPortIO.dll -- (s616mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSSvcMgr.dll -- (s3ssavage)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ACDaemon.dll -- (s117obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\appmgmt.dll -- (s116bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA_CMIDI.dll -- (RTSTOR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifm.dll -- (RTL8169)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rrrspy.dll -- (rsvp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Cmdfl.dll -- (RR2Vbi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\svchost.dll -- (rp32service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ofcservice.dll -- (roxupnpserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ctljystk.dll -- (roxmediadb9)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s117bus.dll -- (roxmediadb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SWNC8U20.dll -- (ROCKEYNT)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winss.dll -- (rmedia)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracle_load_balancer_60_client-forms6i.dll -- (rismxdp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tones.dll -- (rimusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PCDRSRVC.dll -- (rapapp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\motoswitchservice.dll -- (raidmagt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\e1express.dll -- (racsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\3c1807pd.dll -- (ql12160)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ROB_V.dll -- (proxyhostdriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VSP1284D.dll -- (prohlp02)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sr_watchdog.dll -- (prodrv06)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tpkd.dll -- (prevxagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inetaccs.dll -- (pinetmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dpfusmgr.dll -- (pdlndtdl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nmraapache.dll -- (pdlndint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GoToAssist.dll -- (pdlncbas)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdr4_2k.dll -- (pctavsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotagent.dll -- (pcidrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\om518p.dll -- (PciBus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\noipducservice.dll -- (pcctlcom)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netdevio.dll -- (p1131vid)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}.dll -- (oracleorahometnslistener)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DCamUSBMke2.dll -- (oracleorahomedatagatherer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v2imount.dll -- (oracleorahome811cmadmin)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CdaD10BA.dll -- (oracle_load_balancer_60_server-forms6ip14)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssmdrv.dll -- (oracle%oracle_home_service%clientcache80)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winpppoverethernet.dll -- (OneCareMP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spsslm.dll -- (olregcap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsnifs.dll -- (nwlnkspx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AsuhfivrO.dll -- (nwlnkflt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTMFLT.dll -- (NWHOST)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdm.dll -- (nvnforce)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Subsonic.dll -- (nvatabus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcx1nd5.dll -- (ntsecure)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nipsvc.dll -- (NTACCESS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmccds.dll -- (nsysaudm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AR5416.dll -- (nsausvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\{a7447300-8075-4b0d-83f1-3d75c8ebc623}.dll -- (nmservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rfcomm.dll -- (nmap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcredirector.dll -- (nipsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atinevxx.dll -- (nimxdfk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bgs_sdservice.dll -- (nimcrpcsu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btserial.dll -- (nic1394)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se58mgmt.dll -- (networkx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcvsrte.dll -- (NetMsmqActivator)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8023.dll -- (ndasscsi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atitool.dll -- (naimagent32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome92tnslistener.dll -- (mwstick)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NEOFLTR_600_13319.dll -- (mwspollserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mxnic.dll -- (mrpostman)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\srv.dll -- (MRESP50)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mrobeservice.dll -- (mpservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\https-nassry.dll -- (modemcsa)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NVXBAR.dll -- (mnsframework)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlsetupsvc.dll -- (Memctl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlndoem.dll -- (megamonitorsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wacomkey.dll -- (mcredirector)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssm_mdfl.dll -- (mcafeeantispyware)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CAMFLT.dll -- (MailService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nimcdfxk.dll -- (ma763004)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\licenseservice.dll -- (lxrsge10s)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\M3AD.dll -- (lxcf_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Video3D.dll -- (lxbt_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TryAndDecideService.dll -- (lvupdtio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symevent.dll -- (lvtuner)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsproct.dll -- (lvpopflt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rimusb.dll -- (LUsbKbd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MegaSR.dll -- (logmein)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ABVPN2K.dll -- (LMouKE)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pvservice.dll -- (LKbdFlt2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateApp.dll -- (LHidUsbK)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FlexBios.dll -- (lckfldservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpqrcmc.dll -- (L6POD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kraidsvc.dll -- (kerbkey)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlancig.dll -- (k750obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\incdrm.dll -- (iviVD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\secdrv.dll -- (InterBaseServer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EQDRV5.dll -- (int15.sys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aiclient.dll -- (imountsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\db2das00.dll -- (ibmsmbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\infrastructure.dll -- (ibmpmdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\genmcmn.dll -- (iap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\uiusys.dll -- (iaimtv4)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Bnd5.dll -- (hwpsgt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tsp.dll -- (hsxhwazl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nm.dll -- (HPSLPSVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SymIM.dll -- (hpqwmiex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\IntelC51.dll -- (ghostsec)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbehci.dll -- (FlexBios)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RalinkRegistryWriter.dll -- (flashcomadmin)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fdc.dll -- (FireTDI)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MxlW2k.dll -- (firelm01)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\beatjammusicstreamingserver.dll -- (FireHook)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TUWinStylerThemeSvc.dll -- (filechecker)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\retrowdsvc.dll -- (FETNDIS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8029.dll -- (euq_monitor)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ncupdatesvc.dll -- (Epiusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Sk9920nt.dll -- (epgspooler)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensecamreportserver.dll -- (emu10k1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pgpserv.dll -- (emAudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zfdwm.dll -- (elservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpsvc.dll -- (ELmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\agpcpq.dll -- (EL90X)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s716unic.dll -- (EKECioCtl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btkrnl.dll -- (EIO_XP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ALABULK.dll -- (easdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\disk.dll -- (EACSvrMngr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lightscribeservice.dll -- (e1express)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tsmapip.dll -- (dtscsi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ASFWHide.dll -- (dntus26)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nchssvad.dll -- (dmio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PSDNServ.dll -- (d-link_st3402)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pae_avs.dll -- (dlbx_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATIBTXBAR.dll -- (dlapoolm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\odserv.dll -- (df5serv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ql1280.dll -- (deltafw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ldlcserv.dll -- (DcLps)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nicconfigsvc.dll -- (DCamUSBGrandTek)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\XFX_program.dll -- (db2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smapint.dll -- (cwafrmiregistry)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omsad.dll -- (curtainssyssvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DgiVecp.dll -- (CrystalSysInfo)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\relational.dll -- (crystaloutputfileserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dmboot.dll -- (cpqfcalm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dmdfl.dll -- (contentindex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eventclientmultiplexer.dll -- (CnxTrLan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Defrag32b.dll -- (cmudau)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateService.dll -- (cdaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdframe.dll -- (ccdecode)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\retrolauncher.dll -- (CBTNDIS5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ar5211.dll -- (carboniteservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\venturi2.dll -- (cachemgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcvmm.dll -- (BVRPMPR5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vhidmini.dll -- (Blfp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nimcrpcsu.dll -- (bdrsdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symwsc.dll -- (bdfdll)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adiusbaw.dll -- (bcoreusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winpowerrmi.dll -- (BCMTPM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TMHIDSRV.dll -- (bc_tdi_f)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awlegacy.dll -- (avidstartup)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inport.dll -- (avgio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PGPsdkDriver.dll -- (avgclean)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VX3000.dll -- (AVCamUSB20)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\isapisearch.dll -- (atmarpc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\USB28xxBGA.dll -- (ativraxx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\npkcrypt.dll -- (ATIBTXBAR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\uphclean.dll -- (ATIBTCAP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\webrootspysweeperservice.dll -- (atfsd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swwd.dll -- (asp.net_2.0.50727)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rp32service.dll -- (AsIO)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UimBus.dll -- (asctrm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PGPdisk.dll -- (asc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirectory.dll -- (ARPolicy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cmpci.dll -- (armoucfltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slave.dll -- (ARCSOFTVIRTUALCAPTURE)
SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (appmgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rpcnet.dll -- (appdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wg6n.dll -- (apache2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sbpci.dll -- (amfilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SprintRcAppSvc.dll -- (ALYac_PZSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\imapiservice.dll -- (AlteraByteBlaster)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\splitter.dll -- (agpcpq)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\naveng.dll -- (advservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hpqwmi.dll -- (aalogger)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032U.dll -- (3comtftp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpmysql.dll -- ({a7447300-8075-4b0d-83f1-3d75c8ebc623})
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fallback.dll -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sglfb.dll -- ({85ccb53b-23d8-4e73-b1b7-9ddb71827d9b})
SRV - [2012/09/12 23:59:16 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/05 12:48:32 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/22 19:29:08 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 04:03:24 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/04/13 21:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/10/30 02:54:19 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/30 04:03:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/23 02:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2009/07/23 02:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV - [2009/07/23 02:54:30 | 000,709,384 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\RESCUE\MGHwCtrl.sys -- (MGHwCtrl)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,169,608 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,064,912 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010/05/20 15:27:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2010/05/10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010/04/13 21:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009/07/30 14:10:40 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/07/13 22:01:42 | 000,516,608 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmusb.sys -- (BTMUSB)
DRV - [2009/07/10 01:13:30 | 000,040,448 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmcom.sys -- (BTMCOM)
DRV - [2009/06/29 22:30:50 | 000,027,008 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmhid.sys -- (btmhid)
DRV - [2009/06/24 11:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009/06/04 09:45:48 | 000,166,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/05/05 15:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2008/04/25 14:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007/04/17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{81BB7F73-58B4-44BC-B980-42A95D8974A1}: "URL" = http://uk.search.yah...p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {D19CA586-DD6C-4a0a-96F8-14644F340D60}:14.4.1
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.1.195
FF - prefs.js..keyword.URL: "http://uk.search.yah...h?fr=mcafee&p="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Martin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/03/01 19:40:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/10/18 14:20:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/12 23:59:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/04/05 11:55:19 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions
[2012/08/28 08:24:29 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\extensions
[2012/08/28 08:24:29 | 000,000,000 | ---D | M] (FreeOnlineRadioPlayerRecorder Community Toolbar) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
[2011/11/15 18:43:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/18 14:20:43 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/03/01 19:40:32 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012/09/12 23:59:17 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012/05/01 00:15:34 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/09/12 23:59:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/05/01 00:15:34 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/05/01 00:15:34 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/18 14:19:39 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/09/12 23:59:15 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/05/01 00:15:34 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/10/18 14:07:22 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20120510121353.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (FreeOnlineRadioPlayerRecorder Toolbar) - {F999A48B-1950-4D81-9971-79018F807B4B} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Live Update 5] C:\Program Files\MSI\Live Update 5\BootStartLiveupdate.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} ms-its:C:\Program Files\The Tournament Director 3\TD.lib::/comdlg32.cab (Microsoft Common Dialog Control, version 6.0 (SP6))
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6F539D9-1C12-4D93-8E59-8CA02D96789B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/18 14:18:37 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{FA165E04-28FC-46C7-B223-124495B4E5EF}
[2012/10/18 13:37:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/17 18:47:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012/10/17 18:06:49 | 000,000,000 | ---D | C] -- C:\windows\System32\RTCOM
[2012/10/17 18:05:36 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RH3DHT32.dll
[2012/10/17 18:05:36 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RH3DAA32.dll
[2012/10/17 18:05:33 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\WavesLib.dll
[2012/10/17 18:05:32 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSXT.dll
[2012/10/17 18:05:32 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSHD.dll
[2012/10/17 18:05:32 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSHP360.dll
[2012/10/17 18:05:32 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSWOW.dll
[2012/10/17 18:05:25 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DHT32.dll
[2012/10/17 18:05:25 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DAA32.dll
[2012/10/17 18:05:24 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioEQ.dll
[2012/10/17 18:05:24 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO20.dll
[2012/10/17 18:05:24 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO.dll
[2012/10/17 18:05:22 | 000,159,232 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\System32\FMAPO.dll
[2012/10/17 13:58:44 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{1D2F320D-D238-4816-B8FA-FA62A2CDA446}
[2012/10/16 17:51:39 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{BC1DF122-08DC-4EAF-A7A5-8C0959D664A8}
[2012/10/10 13:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\erwpusqgodbisol
[2012/10/07 19:11:52 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{C5642557-6557-4FBB-815C-7EF6B013A4BC}
[2012/10/05 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{48C305F2-27F7-4FFC-AC0A-1A0BDDF0F386}
[2012/10/04 19:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/10/03 11:47:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{B41229D3-F08A-44F6-9355-E66C9839BBD8}
[2012/09/24 12:26:33 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{DE6991EE-F9EA-4F9B-9A71-F3CFFA47D533}

========== Files - Modified Within 30 Days ==========

[2012/10/18 15:49:01 | 000,000,930 | -H-- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000UA.job
[2012/10/18 15:27:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/10/18 14:52:17 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/10/18 14:24:43 | 000,022,896 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/18 14:24:43 | 000,022,896 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/18 14:17:03 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/18 14:07:22 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
[2012/10/18 00:49:00 | 000,000,908 | -H-- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000Core.job
[2012/10/17 18:47:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012/10/17 15:23:18 | 000,005,256 | ---- | M] () -- C:\Users\Martin\Desktop\mkm.reg
[2012/10/17 15:18:26 | 139,060,642 | ---- | M] () -- C:\Users\Martin\Documents\mkm2.reg
[2012/10/04 21:45:39 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2012/10/17 15:47:00 | 000,005,256 | ---- | C] () -- C:\Users\Martin\Desktop\wscsvc.reg
[2012/10/17 15:23:18 | 000,005,256 | ---- | C] () -- C:\Users\Martin\Desktop\mkm.reg
[2012/10/17 15:18:12 | 139,060,642 | ---- | C] () -- C:\Users\Martin\Documents\mkm2.reg
[2012/05/29 11:37:54 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/05/29 11:37:54 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/05/29 11:37:54 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/05/29 11:37:54 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/05/29 11:37:54 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/05/24 14:21:54 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2011/02/25 00:48:36 | 000,000,096 | -H-- | C] () -- C:\ProgramData\CameraRecorder.ini

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[2012/10/18 14:19:30 | 000,005,120 | -HS- | M] () -- C:\windows\assembly\GAC\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-1552212946-2046552680-650322686-1000\$09e7d81ee082c3ccf1679bba57bd5a4e\n. -- File not found

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 10:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\$Recycle.Bin\S-1-5-18\$09e7d81ee082c3ccf1679bba57bd5a4e\n.
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/07/26 11:47:48 | 000,000,000 | -H-D | M] -- C:\Users\Martin\AppData\Roaming\Get from YouTube
[2011/07/26 12:00:20 | 000,000,000 | -H-D | M] -- C:\Users\Martin\AppData\Roaming\Music Editor Free
[2012/05/06 15:47:04 | 000,000,000 | -H-D | M] -- C:\Users\Martin\AppData\Roaming\PacificPoker
[2012/04/14 14:52:52 | 000,000,000 | -H-D | M] -- C:\Users\Martin\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >


Just going to do combofix now. Is it odd that OTL takes a long time to scan? like nearly an hour. I saw in a previous post you said its quite quick, but it freezes and says not responding for a long time whilst scanning firefox. just wondered.
  • 0

#6
Aspall38

Aspall38

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
combofix:

ComboFix 12-10-18.03 - Martin 18/10/2012 16:58:05.6.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3327.2383 [GMT 1:00]
Running from: C:\Users\Martin\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\$RECYCLE.bin\S-1-5-21-1552212946-2046552680-650322686-1000\$09e7d81ee082c3ccf1679bba57bd5a4e\@
C:\$RECYCLE.bin\S-1-5-21-1552212946-2046552680-650322686-1000\$09e7d81ee082c3ccf1679bba57bd5a4e\n
C:\windows\assembly\GAC\Desktop.ini
C:\windows\system32\msstdfmt.dll

-- Previous Run --

Infected copy of C:\windows\system32\drivers\netbt.sys was found and disinfected
Restored copy from - The cat found it :)
C:\windows\system32\drivers\cdrom.sys was missing
Restored copy from - C:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

--------


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_de_serv
-------\Service_epsonstatusagent2
-------\Service_whoisd32
-------\Service_HRN
-------\Service_ROQXQWNU
-------\Service_SCMYIMZRLQLPY
-------\Service_VGTWWQGEA
-------\Service_YPQ


((((((((((((((((((((((((( Files Created from 2012-09-18 to 2012-10-18 )))))))))))))))))))))))))))))))


2012-10-18 16:11:47 . 2012-10-18 16:17:21 -------- d-----w- C:\Users\Martin\AppData\Local\temp
2012-10-18 16:11:47 . 2012-10-18 16:11:47 -------- d-----w- C:\Users\Default\AppData\Local\temp
2012-10-18 12:37:13 . 2012-10-18 12:37:13 -------- d-----w- C:\_OTL
2012-10-17 17:06:49 . 2012-10-17 17:06:50 -------- d-----w- C:\windows\system32\RTCOM
2012-10-10 12:20:05 . 2012-10-10 12:20:07 -------- d-----w- C:\ProgramData\erwpusqgodbisol
2012-10-04 18:34:01 . 2012-10-04 18:34:01 -------- d-----w- C:\Program Files\ESET
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-09-07 16:04:46 . 2011-04-06 18:00:34 22856 ----a-w- C:\windows\system32\drivers\mbam.sys



computer is running the same...
some desktop items have reappeared, but theres still no sound at the moment.
theres a small window that comes up sayign catalyst control centre has stopped working...but thats been there since about may...it doesnt seem to affect much...atleast it doesnt make the laptop unusable.

Otherwise i can't tell much difference, even though its obvious its fixed some stuff from the scan, and some icons have reappeared.
  • 0

#7
Aspall38

Aspall38

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
sorry, combofix came up with another log. it was static for so long i assumed it was finished! here it is:

ComboFix 12-10-18.03 - Martin 18/10/2012 16:58:05.6.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3327.2383 [GMT 1:00]
Running from: c:\users\Martin\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\$recycle.bin\S-1-5-21-1552212946-2046552680-650322686-1000\$09e7d81ee082c3ccf1679bba57bd5a4e\@
c:\$recycle.bin\S-1-5-21-1552212946-2046552680-650322686-1000\$09e7d81ee082c3ccf1679bba57bd5a4e\n
c:\windows\assembly\GAC\Desktop.ini
c:\windows\system32\msstdfmt.dll
.
-- Previous Run --
.
Infected copy of c:\windows\system32\drivers\netbt.sys was found and disinfected
Restored copy from - The cat found it :)
c:\windows\system32\drivers\cdrom.sys was missing
Restored copy from - c:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
.
--------
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_de_serv
-------\Service_epsonstatusagent2
-------\Service_whoisd32
-------\Service_HRN
-------\Service_ROQXQWNU
-------\Service_SCMYIMZRLQLPY
-------\Service_VGTWWQGEA
-------\Service_YPQ
.
.
((((((((((((((((((((((((( Files Created from 2012-09-18 to 2012-10-18 )))))))))))))))))))))))))))))))
.
.
2012-10-18 16:11 . 2012-10-18 16:17 -------- d-----w- c:\users\Martin\AppData\Local\temp
2012-10-18 16:11 . 2012-10-18 16:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-18 12:37 . 2012-10-18 12:37 -------- d-----w- C:\_OTL
2012-10-17 17:06 . 2012-10-17 17:06 -------- d-----w- c:\windows\system32\RTCOM
2012-10-10 12:20 . 2012-10-10 12:20 -------- d-----w- c:\programdata\erwpusqgodbisol
2012-10-04 18:34 . 2012-10-04 18:34 -------- d-----w- c:\program files\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-07 16:04 . 2011-04-06 18:00 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-12 22:59 . 2011-03-28 14:36 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-10-13 22:28 . 2011-03-29 18:29 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{f999a48b-1950-4d81-9971-79018f807b4b}"= "c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]
2011-01-17 14:54 175912 ----a-w- c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{f999a48b-1950-4d81-9971-79018f807b4b}"= "c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{F999A48B-1950-4D81-9971-79018F807B4B}"= "c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 20:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 20:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 20:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"Facebook Update"="c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2009-07-23 17753352]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2009-07-24 2068480]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1318816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"VX3000"="c:\windows\vVX3000.exe" [2010-05-20 762736]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"Live Update 5"="c:\program files\MSI\Live Update 5\BootStartLiveupdate.exe" [2012-01-30 315392]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-24 7596576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
Unknown 3517
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [x]
R3 btmhid;btmhid;c:\windows\system32\DRIVERS\btmhid.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
R3 CFcatchme;CFcatchme;c:\users\Martin\AppData\Local\Temp\CFcatchme.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 MGHwCtrl;MGHwCtrl;e:\rescue\MGHwCtrl.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [x]
S2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\MSI\Live Update 5\msibios32_100507.sys [x]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [x]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 11:48]
.
2012-10-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000Core.job
- c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-28 23:44]
.
2012-10-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000UA.job
- c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-28 23:44]
.
.
------- Supplementary Scan -------
.
uStart Page =
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-HyperCam Toolbar - c:\program files\HyperCam Toolbar\UninstallToolbar.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1552212946-2046552680-650322686-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1552212946-2046552680-650322686-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1492)
c:\program files\McAfee Online Backup\MOBKshell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\windows\system32\rundll32.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\McAfee\SystemCore\mcshield.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Common Files\McAfee\SystemCore\mfefire.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files\MSI\Live Update 5\LU5.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Mozilla Firefox\firefox.exe
c:\program files\Mozilla Firefox\plugin-container.exe
c:\program files\Mozilla Firefox\plugin-container.exe
c:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
c:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
c:\progra~1\mcafee\SITEAD~1\saui.exe
.
**************************************************************************
.
Completion time: 2012-10-18 18:05:26 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-18 17:05
.
Pre-Run: 178,632,032,256 bytes free
Post-Run: 178,543,837,184 bytes free
.
- - End Of File - - 33CCE59DF0C3DB65DEC465BE844E47FA
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
One more to kill .. On completion can you let me know of any remaining problems

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Folder::
c:\programdata\erwpusqgodbisol



Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt which I will require in your next reply.

THEN

Run a fresh FSS scan and post that please
  • 0

#9
Aspall38

Aspall38

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
combofix:

ComboFix 12-10-18.03 - Martin 18/10/2012 19:18:16.7.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3327.2174 [GMT 1:00]
Running from: c:\users\Martin\Downloads\ComboFix.exe
Command switches used :: c:\users\Martin\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-09-18 to 2012-10-18 )))))))))))))))))))))))))))))))
.
.
2012-10-18 18:31 . 2012-10-18 18:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-18 16:11 . 2012-10-18 18:31 -------- d-----w- c:\users\Martin\AppData\Local\temp
2012-10-18 12:37 . 2012-10-18 12:37 -------- d-----w- C:\_OTL
2012-10-17 17:06 . 2012-10-17 17:06 -------- d-----w- c:\windows\system32\RTCOM
2012-10-10 12:20 . 2012-10-10 12:20 -------- d-----w- c:\programdata\erwpusqgodbisol
2012-10-04 18:34 . 2012-10-04 18:34 -------- d-----w- c:\program files\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-07 16:04 . 2011-04-06 18:00 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-12 22:59 . 2011-03-28 14:36 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-10-13 22:28 . 2011-03-29 18:29 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{f999a48b-1950-4d81-9971-79018f807b4b}"= "c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]
2011-01-17 14:54 175912 ----a-w- c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{f999a48b-1950-4d81-9971-79018f807b4b}"= "c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{F999A48B-1950-4D81-9971-79018F807B4B}"= "c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 20:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 20:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 20:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"Facebook Update"="c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2009-07-23 17753352]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2009-07-24 2068480]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1318816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"VX3000"="c:\windows\vVX3000.exe" [2010-05-20 762736]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"Live Update 5"="c:\program files\MSI\Live Update 5\BootStartLiveupdate.exe" [2012-01-30 315392]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-24 7596576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
Unknown 3517
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [x]
R3 btmhid;btmhid;c:\windows\system32\DRIVERS\btmhid.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
R3 CFcatchme;CFcatchme;c:\users\Martin\AppData\Local\Temp\CFcatchme.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 MGHwCtrl;MGHwCtrl;e:\rescue\MGHwCtrl.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [x]
S2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\MSI\Live Update 5\msibios32_100507.sys [x]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [x]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 11:48]
.
2012-10-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000Core.job
- c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-28 23:44]
.
2012-10-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000UA.job
- c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-28 23:44]
.
.
------- Supplementary Scan -------
.
uStart Page =
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1552212946-2046552680-650322686-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1552212946-2046552680-650322686-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2260)
c:\program files\McAfee Online Backup\MOBKshell.dll
.
Completion time: 2012-10-18 19:33:34
ComboFix-quarantined-files.txt 2012-10-18 18:33
ComboFix2.txt 2012-10-18 17:05
.
Pre-Run: 178,576,830,464 bytes free
Post-Run: 178,523,824,128 bytes free
.
- - End Of File - - EF943284904373887F917E817864FEC5




FSS:


Farbar Service Scanner Version: 27-05-2012
Ran by Martin (administrator) on 18-10-2012 at 19:37:42
Running from "C:\Users\Martin\Desktop"
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys
[2012-05-12 10:51] - [2012-03-30 11:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\windows\system32\dnsrslvr.dll
[2011-04-14 19:24] - [2011-03-03 06:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\windows\system32\mpssvc.dll
[2009-07-14 00:53] - [2009-07-14 02:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\windows\system32\bfe.dll
[2009-07-14 00:54] - [2009-07-14 02:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll
[2009-07-14 00:23] - [2009-07-14 02:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\windows\system32\vssvc.exe
[2009-07-14 00:24] - [2009-07-14 02:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\windows\system32\wscsvc.dll
[2011-02-23 18:43] - [2010-12-21 06:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll
[2009-07-14 01:15] - [2009-07-14 02:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\windows\system32\qmgr.dll
[2009-07-14 00:30] - [2009-07-14 02:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
A few services are still not running

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Files
c:\programdata\erwpusqgodbisol

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download Windows Repair (all in one) from this site

Install the programme then run

Posted Image

Go to step 3 and allow it to run SFC
Posted Image


On the start repairs tab click start
Posted Image

Select the following items and tick restart system when finished
Posted Image
  • 0

Advertisements


#11
Aspall38

Aspall38

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
otl:

OTL logfile created on: 10/18/2012 9:23:21 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 70.97% Memory free
6.50 Gb Paging File | 5.35 Gb Available in Paging File | 82.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 273.39 Gb Total Space | 175.34 Gb Free Space | 64.13% Space Free | Partition Type: NTFS
Drive D: | 182.27 Gb Total Space | 179.73 Gb Free Space | 98.61% Space Free | Partition Type: NTFS

Computer Name: MARTIN-MSI | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/17 18:47:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
PRC - [2012/09/18 11:05:12 | 001,927,736 | ---- | M] (Micro-Star International) -- C:\Program Files\MSI\Live Update 5\LU5.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/10/29 14:49:28 | 000,505,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/05/20 15:27:26 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/04/13 21:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/10/30 02:54:19 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009/07/30 04:03:56 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/30 04:03:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/24 17:52:08 | 002,068,480 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2009/07/23 02:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe
PRC - [2009/07/23 02:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
PRC - [2009/07/23 02:54:30 | 000,709,384 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe
PRC - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/18 21:05:55 | 012,432,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2012/10/18 21:05:05 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2012/10/18 21:04:41 | 011,819,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2012/10/18 21:04:19 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2012/10/18 21:03:57 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2012/10/18 21:03:32 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2012/10/18 21:03:29 | 007,963,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2012/10/18 21:02:52 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2009/10/30 02:49:05 | 001,736,704 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3497.38503__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009/10/30 02:49:05 | 000,950,272 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3497.38605__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:05 | 000,782,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3497.38531__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:05 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3497.38578__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009/10/30 02:49:05 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3497.38552__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009/10/30 02:49:05 | 000,339,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3497.38484__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:05 | 000,331,776 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3497.38544__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:05 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3497.38505__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009/10/30 02:49:05 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3497.38505__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:05 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3497.38577__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:05 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3497.38544__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009/10/30 02:49:05 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3497.38536__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:05 | 000,081,920 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3497.38530__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:05 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3497.38558__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:05 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3497.38493__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:05 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3497.38539__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:05 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3497.38543__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:05 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3497.38579__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:05 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3497.38577__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:05 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3497.38499__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009/10/30 02:49:05 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3497.38536__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:05 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3497.38529__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:05 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3497.38493__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:04 | 000,573,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3497.38506__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:04 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3497.38530__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:04 | 000,360,448 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3497.38525__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:04 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3497.38538__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:04 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3497.38510__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009/10/30 02:49:04 | 000,270,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2009/10/30 02:49:04 | 000,098,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009/10/30 02:49:04 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3497.38529__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:04 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009/10/30 02:49:04 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3497.38509__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:04 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3497.38530__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:04 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009/10/30 02:49:04 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3497.38537__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009/10/30 02:49:04 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009/10/30 02:49:04 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009/10/30 02:49:04 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009/10/30 02:49:04 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009/10/30 02:49:03 | 001,212,416 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3497.38489__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009/10/30 02:49:03 | 000,651,264 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3497.38603__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009/10/30 02:49:03 | 000,552,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3497.38567__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009/10/30 02:49:03 | 000,405,504 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3497.38498__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009/10/30 02:49:03 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3497.38572__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009/10/30 02:49:03 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3497.38571__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009/10/30 02:49:03 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3497.38483__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009/10/30 02:49:03 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3497.38481__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009/10/30 02:49:03 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009/10/30 02:49:03 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3497.38584__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009/10/30 02:49:03 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009/10/30 02:49:03 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009/10/30 02:49:03 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009/10/30 02:49:03 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009/10/30 02:49:03 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009/10/30 02:49:03 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009/10/30 02:49:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009/10/30 02:49:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009/10/30 02:49:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009/10/30 02:49:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009/10/30 02:49:03 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3497.38572__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009/10/30 02:49:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009/10/30 02:49:03 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3497.38479__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009/10/30 02:49:02 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3497.38481__90ba9c70f846762e\APM.Server.dll
MOD - [2009/10/30 02:49:02 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3497.38480__90ba9c70f846762e\AEM.Server.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmkbd2.dll -- (zpsc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\odclientservice.dll -- (zebrmdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eaps2kbd.dll -- (z525obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tvald.dll -- (yukonwxp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mhn.dll -- (yats32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ldap.dll -- (Xyz777b)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trackcam4.dll -- (XUIF)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qmofiltr.dll -- (XFX_program)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mdmxsdk.dll -- (Wuser32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adsexpb.dll -- (WUSB54Gv4SVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pctavsvc.dll -- (wps)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AEADIFilters.dll -- (WmHidLo)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\simbad.dll -- (WmaCDriverV32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w800bus.dll -- (wlancfg)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awservice.dll -- (wkscfgsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvcap.dll -- (winproxy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epfwtdi.dll -- (WINIO)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nwlnkflt.dll -- (webupdate)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cebdaldr.dll -- (websenseuserservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hotspotshieldservice.dll -- (websensepolicyserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pctoolsfirewallplus.dll -- (websensecamserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cvsnt.dll -- (websensecamreportserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ups.dll -- (webrootenterpriseclientservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\null.dll -- (Wbutton)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HWSCtrl.dll -- (was)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmsmbus.dll -- (W8335XP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\firesvc.dll -- (w800obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTSBLFX.DLL.dll -- (w550bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hamachi.dll -- (W2acehid)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsbrokerservice.dll -- (VrAcFil)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DSI_SiUSBXp_3_1.dll -- (vpcnfltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Hardlock.dll -- (vncdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rdnaoflsvc.dll -- (Via4in1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\issuser.dll -- (vhidmini)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\regmon701.dll -- (vcsw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adobeactivefilemonitor5.0.dll -- (VC6SecS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CVPNDRVA.dll -- (VAIOMediaPlatform-VideoServer-HTTP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zumbus.dll -- (V0080Dev)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mstdfrgs.dll -- (UxTuneUp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snpstd.dll -- (usprserv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PTDCBus.dll -- (uscbs108)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdss.dll -- (usbsermptxp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atiavaiw.dll -- (USB28xxOEM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\curtainssyssvc.dll -- (uploadmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cqmghost.dll -- (ufdsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\viairda.dll -- (UDFReadr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VAIOMediaPlatform-VideoServer-HTTP.dll -- (U3sHlpDr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wintabservice.dll -- (U2SP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\3comtftp.dll -- (tvicport)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlankeeper.dll -- (TUWinStylerThemeSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v124.dll -- (tunnelguardservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmdmpmsn.dll -- (TSHWMDTCP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atixsaudio.dll -- (trlokom_rmhsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mfesmfk.dll -- (transbaseservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netddedsdm.dll -- (transactional)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vmparport.dll -- (TPM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hsfhwazl.dll -- (tphkdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\gs30s.dll -- (tng-doba)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\o2flash.dll -- (TNaviSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Xyz777b.dll -- (tmtdi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vserial.dll -- (tmesrv3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mnsframework.dll -- (tmactmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\E1000.dll -- (tlntsvr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wltwo51b.dll -- (thotkey)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\uclauncherservice.dll -- (tfsndrct)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxcr_device.dll -- (tdsmapi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nsm1serd.dll -- (tdrpman174)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hwpsgt.dll -- (T6963C)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifmsony.dll -- (symndis)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NWUSBModem.dll -- (sweepsrv.sys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usrbridg.dll -- (ss_mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\stylexpservice.dll -- (SRTSPL)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cicssfs.scmmc223.dll -- (SQTECH9080)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ithsgt.dll -- (spupdsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wg111nd5.dll -- (Spsmqvsm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backuplauncher.dll -- (speedfan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\k750mdfl.dll -- (spbbcsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LRMINIPORT.dll -- (SNMP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsnudf.dll -- (SndTDriverV32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lsdiorw.dll -- (SlNtHal)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\penrendezvous.dll -- (slave)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HFACSVC.dll -- (slabser)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Si3132.dll -- (sit_mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tosrfsnd.dll -- (sgeclient)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\c34nb4c5.dll -- (sfvfs02)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msk80service.dll -- (sfhlp01)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\savrtpel.dll -- (servicelayer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dxdebug.dll -- (SerTVOutCtlr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQLWriter.dll -- (SED133x)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NMSAccessU.dll -- (se44obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sony_ssm.sys.dll -- (se44nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BrPar.dll -- (SE2Cmgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pwkntmon.dll -- (SE2Bmdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ONSIO.dll -- (SE26mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ASInsHelp.dll -- (sdcplh)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\clr_optimization_v2.0.50727_32.dll -- (ScanUSBEMPIA)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmVirHid.dll -- (savrtpel)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpsc.dll -- (sagefserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATSWPDRV.dll -- (s716obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\arc.dll -- (s616unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DritekPortIO.dll -- (s616mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSSvcMgr.dll -- (s3ssavage)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ACDaemon.dll -- (s117obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\appmgmt.dll -- (s116bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA_CMIDI.dll -- (RTSTOR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifm.dll -- (RTL8169)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rrrspy.dll -- (rsvp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Cmdfl.dll -- (RR2Vbi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\svchost.dll -- (rp32service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ofcservice.dll -- (roxupnpserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ctljystk.dll -- (roxmediadb9)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s117bus.dll -- (roxmediadb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SWNC8U20.dll -- (ROCKEYNT)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winss.dll -- (rmedia)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracle_load_balancer_60_client-forms6i.dll -- (rismxdp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tones.dll -- (rimusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PCDRSRVC.dll -- (rapapp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\motoswitchservice.dll -- (raidmagt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\e1express.dll -- (racsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\3c1807pd.dll -- (ql12160)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ROB_V.dll -- (proxyhostdriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VSP1284D.dll -- (prohlp02)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sr_watchdog.dll -- (prodrv06)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tpkd.dll -- (prevxagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inetaccs.dll -- (pinetmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dpfusmgr.dll -- (pdlndtdl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nmraapache.dll -- (pdlndint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GoToAssist.dll -- (pdlncbas)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdr4_2k.dll -- (pctavsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotagent.dll -- (pcidrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\om518p.dll -- (PciBus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\noipducservice.dll -- (pcctlcom)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netdevio.dll -- (p1131vid)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}.dll -- (oracleorahometnslistener)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DCamUSBMke2.dll -- (oracleorahomedatagatherer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v2imount.dll -- (oracleorahome811cmadmin)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CdaD10BA.dll -- (oracle_load_balancer_60_server-forms6ip14)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssmdrv.dll -- (oracle%oracle_home_service%clientcache80)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winpppoverethernet.dll -- (OneCareMP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spsslm.dll -- (olregcap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsnifs.dll -- (nwlnkspx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AsuhfivrO.dll -- (nwlnkflt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTMFLT.dll -- (NWHOST)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdm.dll -- (nvnforce)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Subsonic.dll -- (nvatabus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcx1nd5.dll -- (ntsecure)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nipsvc.dll -- (NTACCESS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmccds.dll -- (nsysaudm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AR5416.dll -- (nsausvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\{a7447300-8075-4b0d-83f1-3d75c8ebc623}.dll -- (nmservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rfcomm.dll -- (nmap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcredirector.dll -- (nipsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atinevxx.dll -- (nimxdfk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bgs_sdservice.dll -- (nimcrpcsu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btserial.dll -- (nic1394)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se58mgmt.dll -- (networkx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcvsrte.dll -- (NetMsmqActivator)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8023.dll -- (ndasscsi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atitool.dll -- (naimagent32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome92tnslistener.dll -- (mwstick)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NEOFLTR_600_13319.dll -- (mwspollserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mxnic.dll -- (mrpostman)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\srv.dll -- (MRESP50)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mrobeservice.dll -- (mpservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\https-nassry.dll -- (modemcsa)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NVXBAR.dll -- (mnsframework)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlsetupsvc.dll -- (Memctl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlndoem.dll -- (megamonitorsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wacomkey.dll -- (mcredirector)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssm_mdfl.dll -- (mcafeeantispyware)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CAMFLT.dll -- (MailService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nimcdfxk.dll -- (ma763004)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\licenseservice.dll -- (lxrsge10s)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\M3AD.dll -- (lxcf_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Video3D.dll -- (lxbt_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TryAndDecideService.dll -- (lvupdtio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symevent.dll -- (lvtuner)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsproct.dll -- (lvpopflt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rimusb.dll -- (LUsbKbd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MegaSR.dll -- (logmein)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ABVPN2K.dll -- (LMouKE)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pvservice.dll -- (LKbdFlt2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateApp.dll -- (LHidUsbK)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FlexBios.dll -- (lckfldservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpqrcmc.dll -- (L6POD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kraidsvc.dll -- (kerbkey)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wlancig.dll -- (k750obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\incdrm.dll -- (iviVD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\secdrv.dll -- (InterBaseServer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\EQDRV5.dll -- (int15.sys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aiclient.dll -- (imountsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\db2das00.dll -- (ibmsmbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\infrastructure.dll -- (ibmpmdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\genmcmn.dll -- (iap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\uiusys.dll -- (iaimtv4)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Bnd5.dll -- (hwpsgt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tsp.dll -- (hsxhwazl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nm.dll -- (HPSLPSVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SymIM.dll -- (hpqwmiex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\IntelC51.dll -- (ghostsec)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbehci.dll -- (FlexBios)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RalinkRegistryWriter.dll -- (flashcomadmin)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fdc.dll -- (FireTDI)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MxlW2k.dll -- (firelm01)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\beatjammusicstreamingserver.dll -- (FireHook)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TUWinStylerThemeSvc.dll -- (filechecker)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\retrowdsvc.dll -- (FETNDIS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8029.dll -- (euq_monitor)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ncupdatesvc.dll -- (Epiusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Sk9920nt.dll -- (epgspooler)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensecamreportserver.dll -- (emu10k1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pgpserv.dll -- (emAudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zfdwm.dll -- (elservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpsvc.dll -- (ELmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\agpcpq.dll -- (EL90X)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s716unic.dll -- (EKECioCtl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btkrnl.dll -- (EIO_XP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ALABULK.dll -- (easdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\disk.dll -- (EACSvrMngr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lightscribeservice.dll -- (e1express)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tsmapip.dll -- (dtscsi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ASFWHide.dll -- (dntus26)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nchssvad.dll -- (dmio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PSDNServ.dll -- (d-link_st3402)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pae_avs.dll -- (dlbx_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ATIBTXBAR.dll -- (dlapoolm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\odserv.dll -- (df5serv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ql1280.dll -- (deltafw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ldlcserv.dll -- (DcLps)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nicconfigsvc.dll -- (DCamUSBGrandTek)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\XFX_program.dll -- (db2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smapint.dll -- (cwafrmiregistry)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omsad.dll -- (curtainssyssvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DgiVecp.dll -- (CrystalSysInfo)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\relational.dll -- (crystaloutputfileserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dmboot.dll -- (cpqfcalm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dmdfl.dll -- (contentindex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eventclientmultiplexer.dll -- (CnxTrLan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Defrag32b.dll -- (cmudau)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateService.dll -- (cdaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdframe.dll -- (ccdecode)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\retrolauncher.dll -- (CBTNDIS5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ar5211.dll -- (carboniteservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\venturi2.dll -- (cachemgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcvmm.dll -- (BVRPMPR5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vhidmini.dll -- (Blfp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nimcrpcsu.dll -- (bdrsdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symwsc.dll -- (bdfdll)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\adiusbaw.dll -- (bcoreusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winpowerrmi.dll -- (BCMTPM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TMHIDSRV.dll -- (bc_tdi_f)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\awlegacy.dll -- (avidstartup)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inport.dll -- (avgio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PGPsdkDriver.dll -- (avgclean)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VX3000.dll -- (AVCamUSB20)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\isapisearch.dll -- (atmarpc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\USB28xxBGA.dll -- (ativraxx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\npkcrypt.dll -- (ATIBTXBAR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\uphclean.dll -- (ATIBTCAP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\webrootspysweeperservice.dll -- (atfsd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swwd.dll -- (asp.net_2.0.50727)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rp32service.dll -- (AsIO)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UimBus.dll -- (asctrm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PGPdisk.dll -- (asc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirectory.dll -- (ARPolicy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cmpci.dll -- (armoucfltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slave.dll -- (ARCSOFTVIRTUALCAPTURE)
SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (appmgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rpcnet.dll -- (appdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wg6n.dll -- (apache2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sbpci.dll -- (amfilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SprintRcAppSvc.dll -- (ALYac_PZSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\imapiservice.dll -- (AlteraByteBlaster)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\splitter.dll -- (agpcpq)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\naveng.dll -- (advservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hpqwmi.dll -- (aalogger)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032U.dll -- (3comtftp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpmysql.dll -- ({a7447300-8075-4b0d-83f1-3d75c8ebc623})
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fallback.dll -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sglfb.dll -- ({85ccb53b-23d8-4e73-b1b7-9ddb71827d9b})
SRV - [2012/09/12 23:59:16 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/05 12:48:32 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/22 19:29:08 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 04:03:24 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/04/13 21:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/10/30 02:54:19 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/30 04:03:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/23 02:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2009/07/23 02:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV - [2009/07/23 02:54:30 | 000,709,384 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\RESCUE\MGHwCtrl.sys -- (MGHwCtrl)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,169,608 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,064,912 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/10/20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010/05/20 15:27:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2010/05/10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010/04/13 21:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009/07/30 14:10:40 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/07/13 22:01:42 | 000,516,608 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmusb.sys -- (BTMUSB)
DRV - [2009/07/10 01:13:30 | 000,040,448 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmcom.sys -- (BTMCOM)
DRV - [2009/06/29 22:30:50 | 000,027,008 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmhid.sys -- (btmhid)
DRV - [2009/06/24 11:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009/06/04 09:45:48 | 000,166,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/05/05 15:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2008/04/25 14:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007/04/17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{81BB7F73-58B4-44BC-B980-42A95D8974A1}: "URL" = http://uk.search.yah...p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {D19CA586-DD6C-4a0a-96F8-14644F340D60}:14.4.1
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.1.195
FF - prefs.js..keyword.URL: "http://uk.search.yah...h?fr=mcafee&p="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Martin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/03/01 19:40:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/10/18 21:21:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/12 23:59:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/04/05 11:55:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions
[2012/08/28 08:24:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\extensions
[2012/08/28 08:24:29 | 000,000,000 | ---D | M] (FreeOnlineRadioPlayerRecorder Community Toolbar) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\tjwljtto.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
[2011/11/15 18:43:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/18 21:21:15 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/03/01 19:40:32 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012/09/12 23:59:17 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012/05/01 00:15:34 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/09/12 23:59:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/05/01 00:15:34 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/05/01 00:15:34 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/18 14:19:39 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/09/12 23:59:15 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/05/01 00:15:34 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/10/18 21:13:42 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20121018210234.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (FreeOnlineRadioPlayerRecorder Toolbar) - {F999A48B-1950-4D81-9971-79018F807B4B} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Live Update 5] C:\Program Files\MSI\Live Update 5\BootStartLiveupdate.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} ms-its:C:\Program Files\The Tournament Director 3\TD.lib::/comdlg32.cab (Microsoft Common Dialog Control, version 6.0 (SP6))
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6F539D9-1C12-4D93-8E59-8CA02D96789B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/18 20:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012/10/18 20:05:55 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2012/10/18 20:04:07 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2012/10/18 19:33:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/10/18 17:11:47 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\temp
[2012/10/18 14:18:37 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{FA165E04-28FC-46C7-B223-124495B4E5EF}
[2012/10/18 13:37:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/17 18:47:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012/10/17 18:06:49 | 000,000,000 | ---D | C] -- C:\windows\System32\RTCOM
[2012/10/17 18:05:36 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RH3DHT32.dll
[2012/10/17 18:05:36 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RH3DAA32.dll
[2012/10/17 18:05:33 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\WavesLib.dll
[2012/10/17 18:05:32 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSXT.dll
[2012/10/17 18:05:32 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSHD.dll
[2012/10/17 18:05:32 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSHP360.dll
[2012/10/17 18:05:32 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSWOW.dll
[2012/10/17 18:05:25 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DHT32.dll
[2012/10/17 18:05:25 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DAA32.dll
[2012/10/17 18:05:24 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioEQ.dll
[2012/10/17 18:05:24 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO20.dll
[2012/10/17 18:05:24 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO.dll
[2012/10/17 18:05:22 | 000,159,232 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\System32\FMAPO.dll
[2012/10/17 13:58:44 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{1D2F320D-D238-4816-B8FA-FA62A2CDA446}
[2012/10/16 17:51:39 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{BC1DF122-08DC-4EAF-A7A5-8C0959D664A8}
[2012/10/07 19:11:52 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{C5642557-6557-4FBB-815C-7EF6B013A4BC}
[2012/10/05 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{48C305F2-27F7-4FFC-AC0A-1A0BDDF0F386}
[2012/10/04 19:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/10/03 11:47:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{B41229D3-F08A-44F6-9355-E66C9839BBD8}
[2012/09/24 12:26:33 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{DE6991EE-F9EA-4F9B-9A71-F3CFFA47D533}

========== Files - Modified Within 30 Days ==========

[2012/10/18 21:49:01 | 000,000,930 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000UA.job
[2012/10/18 21:27:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/10/18 21:24:15 | 000,022,896 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/18 21:24:15 | 000,022,896 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/18 21:20:58 | 000,628,460 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/10/18 21:20:58 | 000,110,612 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/10/18 21:16:30 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/10/18 21:16:21 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/18 21:13:42 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
[2012/10/18 20:59:14 | 000,341,864 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/10/18 16:35:27 | 000,001,109 | ---- | M] () -- C:\Users\Martin\Desktop\ComboFix - Shortcut.lnk
[2012/10/18 00:49:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1552212946-2046552680-650322686-1000Core.job
[2012/10/17 18:47:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012/10/17 15:23:18 | 000,005,256 | ---- | M] () -- C:\Users\Martin\Desktop\mkm.reg
[2012/10/17 15:18:26 | 139,060,642 | ---- | M] () -- C:\Users\Martin\Documents\mkm2.reg
[2012/10/04 21:45:39 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2012/10/18 16:35:27 | 000,001,109 | ---- | C] () -- C:\Users\Martin\Desktop\ComboFix - Shortcut.lnk
[2012/10/17 15:47:00 | 000,005,256 | ---- | C] () -- C:\Users\Martin\Desktop\wscsvc.reg
[2012/10/17 15:23:18 | 000,005,256 | ---- | C] () -- C:\Users\Martin\Desktop\mkm.reg
[2012/10/17 15:18:12 | 139,060,642 | ---- | C] () -- C:\Users\Martin\Documents\mkm2.reg
[2012/05/29 11:37:54 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/05/29 11:37:54 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/05/29 11:37:54 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/05/29 11:37:54 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/05/29 11:37:54 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/05/24 14:21:54 | 000,000,056 | ---- | C] () -- C:\windows\System32\ezsidmv.dat
[2011/02/25 00:48:36 | 000,000,096 | ---- | C] () -- C:\ProgramData\CameraRecorder.ini

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/07/26 11:47:48 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Get from YouTube
[2011/07/26 12:00:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Music Editor Free
[2012/05/06 15:47:04 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PacificPoker
[2012/04/14 14:52:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >


ran tweaking....took a fair while to finish. pc still running ok. Start up is a little slower, and seems to have switched off mcafee. the sound icon appeared in the taskbar and when highlighted said the service was not running...then dissappeared like it has before. normally dissappears in seconds though. but ultimately no sound.

otherwise nothing else different to report....although the catalyst prompt hasn't appeared on start up this time.
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you go start > run
Type in devmgmt.msc
The device manager will open
Locate the sound devices and click the + mark
[attachment=61111:Capture.JPG]
Does it have a yellow mark alongside it
If so then right click the device and select the Driver tab
Then press update Driver
[attachment=61112:Capture1.JPG]

Has that cured it ?
  • 0

#13
Aspall38

Aspall38

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
I have ATI HMDI as well as Realtek High Definition as options. i tried updating both, as well as rolling back incase that had affected anything and also tried disabling and renabling. Unfortunately no change though.

I've noticed on the properties that there are notes for both saying the devices are functioning correctly.

As i said before, when the pc starts up, the sound icon appears on the taskbar, with a little red and white cross sign over it, but then dissappears. Could it be something to do with the start up?

i also have a little orange speaker sign that is still there, which when hovvering sayings realtek audio manager...so i am assuming its the ATI part that isn't functioning for whatever reason?

Aspall
  • 0

#14
Aspall38

Aspall38

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
when i double click on realtek manager, i have a message saying that i am seeing a blank page because no audio devices are connected. Not sure whether this makes any difference.

You probably were already aware, but i just in case, my speakers are internal, not external.

Thank you for all your help by the way!

Aspall
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Within control, panel should be a realtek audio manager can you check that all settings are correct
[attachment=61114:Capture.JPG]

Also in case it is the HDMI setting

Disable the "AMD External Events Utility" in services.msc
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP