Blasted with pop-ups, internet shut down, computer rebooted... [Closed]



#1
Liz2012

  • Member
  • 42 posts

OTL logfile created on: 11/3/2012 1:07:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\LB\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 56.68% Memory free
3.74 Gb Paging File | 2.85 Gb Available in Paging File | 76.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.01 Gb Total Space | 70.08 Gb Free Space | 31.57% Space Free | Partition Type: NTFS
Drive D: | 10.88 Gb Total Space | 1.83 Gb Free Space | 16.79% Space Free | Partition Type: NTFS

Computer Name: LB-PC | User Name: LB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/03 13:07:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LB\Downloads\OTL.exe
PRC - [2012/09/20 20:26:02 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2007/12/17 05:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007/01/11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - [2012/10/24 13:50:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2011/09/21 20:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/07/14 14:30:58 | 000,820,568 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/04/22 17:26:20 | 000,030,504 | ---- | M] (SMART Technologies) [Auto | Stopped] -- C:\Program Files\SMART Technologies\SMART Response\ResponseHardwareService.exe -- (Response Hardware)
SRV - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 22:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 22:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/12/17 05:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007/01/11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS -- (SYMREDRV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NIS\1005000.087\SYMNDISV.SYS -- (SYMNDISV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NIS\1005000.087\SYMFW.SYS -- (SYMFW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS -- (SYMDNS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090714.004\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090714.004\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\LB\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011/12/12 13:43:24 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\cchpx86.sys -- (ccHP)
DRV - [2011/09/21 20:35:58 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symtdi.sys -- (SYMTDI)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/11 14:40:40 | 000,018,768 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/03/23 00:59:18 | 000,019,280 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/23 00:59:16 | 000,030,600 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys -- (RegFilter)
DRV - [2010/06/30 04:27:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/09/10 18:33:31 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/08/22 03:21:19 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\SymEFA.sys -- (SymEFA)
DRV - [2009/08/22 03:21:19 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1008030.006\srtsp.sys -- (SRTSP)
DRV - [2009/08/22 03:21:19 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/08/22 03:21:19 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\srtspx.sys -- (SRTSPX)
DRV - [2009/08/22 03:21:06 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/07/23 21:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/14 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/05/14 04:00:00 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/01/29 17:50:17 | 000,292,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSvix86.sys -- (IDSVix86)
DRV - [2008/07/29 04:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2008/06/05 12:58:42 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/05/09 15:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/27 15:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/04/24 18:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/01/29 09:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/10/17 19:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.midlandsc...aspx?id=1788277
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {D6D05E6F-D5C1-4e03-8E33-73F92B05E262}:10.2
FF - prefs.js..extensions.enabledItems: {0153E448-190B-4987-BDE1-F256CADA672F}:15.0.6
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ei.TelevisionFanatic.com/Plugin: C:\Program Files\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\LB\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/12/13 00:31:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/20 20:27:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/02 19:58:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/02 19:58:59 | 000,000,000 | ---D | M]

[2010/08/15 13:04:10 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\LB\AppData\Roaming\Mozilla\Extensions
[2012/11/02 20:09:34 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\LB\AppData\Roaming\Mozilla\Firefox\Profiles\3m6xz5ea.default\extensions
[2010/08/15 13:35:03 | 000,000,000 | ---D | M] (ChaCha Guide App Toolbar) -- C:\Users\LB\AppData\Roaming\Mozilla\Firefox\Profiles\3m6xz5ea.default\extensions\[email protected]
[2012/11/02 20:09:34 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\LB\AppData\Roaming\Mozilla\Firefox\Profiles\3m6xz5ea.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2012/11/02 19:08:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/26 10:58:51 | 000,000,000 | ---D | M] (SMART Notebook Extension) -- C:\Program Files\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}
[2012/10/24 13:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/24 01:12:33 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/02/24 01:12:33 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 15:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/12/14 14:39:23 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 15:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/09/20 20:26:46 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/10/24 13:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/24 13:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/11/03 12:40:33 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (CIEDownload Object) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll (SMART Technologies ULC.)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [MJuapTCJSfio.exe] C:\ProgramData\MJuapTCJSfio.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [KMF9ugQfW9SGHX] C:\ProgramData\KMF9ugQfW9SGHX.exe File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\LB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4AAAD42-D5AF-4619-8188-94DAF266CEC4}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\LB\Pictures\LIZ IS 30.jpg
O24 - Desktop BackupWallPaper: C:\Users\LB\Pictures\LIZ IS 30.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /p \??\C:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/03 12:50:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/11/03 12:38:26 | 000,000,000 | ---D | C] -- C:\Users\LB\AppData\Local\temp
[2012/11/03 12:38:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/11/03 12:17:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/11/03 12:17:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/11/03 12:17:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/11/03 12:17:08 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/11/03 12:16:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/11/03 12:15:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/11/03 12:02:42 | 000,000,000 | -H-D | C] -- C:\Users\LB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Restore
[2012/11/02 19:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/11/02 19:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/10/30 21:13:36 | 000,000,000 | ---D | C] -- C:\Users\LB\Desktop\Oct 30 2012

========== Files - Modified Within 30 Days ==========

[2012/11/03 12:50:22 | 000,047,746 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/11/03 12:50:10 | 000,047,746 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/11/03 12:50:03 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/03 12:50:02 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/03 12:49:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/03 12:40:33 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/11/03 12:02:45 | 000,000,176 | ---- | M] () -- C:\ProgramData\-KMF9ugQfW9SGHXr
[2012/11/03 12:02:45 | 000,000,160 | ---- | M] () -- C:\ProgramData\-KMF9ugQfW9SGHX
[2012/11/03 12:02:42 | 000,000,629 | -H-- | M] () -- C:\Users\LB\Application Data\Microsoft\Internet Explorer\Quick Launch\File_Restore.lnk
[2012/11/03 12:02:42 | 000,000,605 | ---- | M] () -- C:\Users\LB\Desktop\File_Restore.lnk
[2012/11/02 19:09:03 | 000,000,870 | -H-- | M] () -- C:\Users\LB\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/02 19:09:03 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/11/02 12:29:08 | 000,036,582 | ---- | M] () -- C:\Users\LB\Desktop\$(KGrHqYOKnME52g6phDJBOfVU3Ckbw~~60_58.JPG
[2012/11/01 08:20:47 | 000,035,393 | ---- | M] () -- C:\Users\LB\Desktop\dansville payments.rtf
[2012/10/30 21:38:16 | 000,019,968 | -H-- | M] () -- C:\Users\LB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/30 21:05:51 | 000,000,680 | -H-- | M] () -- C:\Users\LB\AppData\Local\d3d9caps.dat
[2012/10/29 10:58:41 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/29 10:52:12 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLB.job
[2012/10/21 11:40:10 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/21 11:40:10 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2012/11/03 12:30:27 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
[2012/11/03 12:30:27 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/11/03 12:30:27 | 000,001,736 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Play.lnk
[2012/11/03 12:30:27 | 000,001,340 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2012/11/03 12:30:27 | 000,001,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2012/11/03 12:30:27 | 000,001,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPublisher.lnk
[2012/11/03 12:30:27 | 000,001,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2012/11/03 12:30:27 | 000,001,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk
[2012/11/03 12:30:27 | 000,000,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012/11/03 12:30:26 | 000,001,071 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2012/11/03 12:30:26 | 000,000,978 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2012/11/03 12:30:26 | 000,000,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/11/03 12:30:26 | 000,000,884 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat_com.lnk
[2012/11/03 12:17:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/11/03 12:17:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/11/03 12:17:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/11/03 12:17:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/11/03 12:17:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/11/03 12:02:44 | 000,000,176 | ---- | C] () -- C:\ProgramData\-KMF9ugQfW9SGHXr
[2012/11/03 12:02:43 | 000,000,160 | ---- | C] () -- C:\ProgramData\-KMF9ugQfW9SGHX
[2012/11/03 12:02:42 | 000,000,629 | -H-- | C] () -- C:\Users\LB\Application Data\Microsoft\Internet Explorer\Quick Launch\File_Restore.lnk
[2012/11/03 12:02:42 | 000,000,605 | ---- | C] () -- C:\Users\LB\Desktop\File_Restore.lnk
[2012/11/02 19:09:03 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/11/02 12:29:01 | 000,036,582 | ---- | C] () -- C:\Users\LB\Desktop\$(KGrHqYOKnME52g6phDJBOfVU3Ckbw~~60_58.JPG
[2012/10/29 10:58:41 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/29 23:25:30 | 000,000,680 | -H-- | C] () -- C:\Users\LB\AppData\Local\d3d9caps.dat
[2011/12/12 14:26:35 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/09/04 13:55:37 | 000,000,846 | -H-- | C] () -- C:\Users\LB\.recently-used.xbel
[2009/10/25 21:44:40 | 000,000,766 | ---- | C] () -- C:\Users\LB\AppData\Roaming\wklnhst.dat
[2009/07/10 19:42:18 | 000,019,968 | -H-- | C] () -- C:\Users\LB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/26 00:03:08 | 000,047,746 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/05/25 19:40:07 | 000,047,746 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/02/19 16:29:33 | 000,000,246 | ---- | C] () -- C:\ProgramData\hpqp.ini

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/09/05 19:30:45 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/01/26 11:09:25 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\.smarttech-webinterface
[2010/07/05 18:36:46 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Amazon
[2011/07/27 22:40:03 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\AVG10
[2011/02/21 17:50:07 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Catalina Marketing Corp
[2011/04/15 21:57:01 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Charles
[2011/06/27 00:47:02 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/07/01 12:30:44 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/08/17 19:02:00 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1
[2011/09/04 13:55:37 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\gtk-2.0
[2012/09/01 12:18:20 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\IObit
[2011/11/19 15:55:24 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\MyPublisher
[2012/01/26 11:01:18 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\SMART Technologies Inc
[2010/12/27 15:45:11 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\SPORE Creature Creator
[2012/11/02 19:28:10 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Spotify
[2011/01/18 12:29:45 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Template
[2010/12/06 21:57:09 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 11/3/2012 1:07:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\LB\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 56.68% Memory free
3.74 Gb Paging File | 2.85 Gb Available in Paging File | 76.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.01 Gb Total Space | 70.08 Gb Free Space | 31.57% Space Free | Partition Type: NTFS
Drive D: | 10.88 Gb Total Space | 1.83 Gb Free Space | 16.79% Space Free | Partition Type: NTFS

Computer Name: LB-PC | User Name: LB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{32B309B9-0787-41A3-A258-0CA85C4DA36B}" = rport=138 | protocol=17 | dir=out | app=system |
"{33E98355-A018-4C3F-8EA9-0F022B45A4CF}" = lport=137 | protocol=17 | dir=in | app=system |
"{395FA218-F40F-4406-BBE1-374117DEB928}" = lport=138 | protocol=17 | dir=in | app=system |
"{3C54305E-E6D4-4E2F-8B49-8719C64F1EE5}" = lport=445 | protocol=6 | dir=in | app=system |
"{44B9D50D-D30E-4DD9-AE39-5FDE1E9DF5DB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{47EA4FB8-CAAE-403D-A63E-957B8445C765}" = rport=137 | protocol=17 | dir=out | app=system |
"{50155603-CF86-4E5F-B9FE-58452CBD26B7}" = rport=445 | protocol=6 | dir=out | app=system |
"{6526D35C-7986-464F-8DC3-6E763CFB03F9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{696967E1-4463-4152-8ABB-5EC22EDB6F15}" = lport=139 | protocol=6 | dir=in | app=system |
"{7E67DD00-8C25-44A2-BF28-7F55BE8BBB1E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7EF7EF9B-1E62-4953-90C0-07D33623EE5E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{837E160D-6A60-4ACF-8647-59F0FC2502BC}" = rport=139 | protocol=6 | dir=out | app=system |
"{8615A015-7E87-4EB6-A68E-B4101D4A36A8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9D74114A-FDC3-4E44-9B8B-0D9E1CEBB798}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9FEEFC32-827B-42BB-87C2-24B1B93B66E2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE371990-689C-4A55-86B1-DDBD5C459845}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B36D8346-81DD-4BC7-BF5B-9223AF91F6EB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CB997062-2C08-4A8C-A522-446789E3D7B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D56CE493-9E5E-4369-BD95-F2A2755F1C21}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED084C9E-984B-40F2-874F-F130716CDE2A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{ED5FCA8D-7CD3-4D92-88EB-ACD6D559D33B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FB42ECF1-2557-4925-A7A6-FF5419560C77}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{116E4D05-1782-4CEC-B486-8C0E36EF5903}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1D78B0A2-9272-4FE7-857F-731D6A681E6F}" = protocol=6 | dir=in | app=c:\users\lb\appdata\roaming\spotify\spotify.exe |
"{1FF9B5FA-F576-4093-AFC7-0A218C7D27C9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{213572FF-5845-4DAA-B07A-5B0689F99F37}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2740DC7E-E844-4D43-BC38-17E995CA27AB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{297DF8B7-9B35-48CE-B83F-6FCDD0F3F372}" = protocol=17 | dir=in | app=c:\users\lb\appdata\roaming\spotify\spotify.exe |
"{41184DFD-7296-4A20-BDE6-4ECC64D96245}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4902CBA3-3773-4B14-B6C8-7E215919B83C}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{5E6FA167-5BDE-4890-A465-CF3DBCDD690F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{633DB42A-0759-4CC8-9D12-76F72B5ED65A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{747B701C-9115-4DD4-B114-6F6769A09102}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8B8594A5-3D69-4313-8A2E-737677ED4E87}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{90362A03-CC56-4E1C-8204-AC8CD6B15C90}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{B1CF2031-463E-44B8-9268-26DDA2E50FE3}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{B398DE54-A167-4438-9B39-DF750F6FD212}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{D755CA68-C6C9-4C75-AF9B-04FF285B8485}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DBE857B1-CB95-4400-B944-C2311FFB11D1}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"TCP Query User{276B51DC-DB4C-47C5-85C2-9E85346CA90B}C:\windows\system32\spool\drivers\w32x86\3\e_dupa30.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\e_dupa30.exe |
"TCP Query User{83787992-BDB1-40CC-B7AF-27C43A1CE2DA}C:\users\lb\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\lb\appdata\roaming\spotify\spotify.exe |
"TCP Query User{86A28A47-E3B2-4CC3-AB2C-CA2D2F3CF626}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9A036F8F-6CAA-43BD-BF1C-923A5E1130F0}C:\program files\smart technologies\smart response\responsesoftwareservice.exe" = protocol=6 | dir=in | app=c:\program files\smart technologies\smart response\responsesoftwareservice.exe |
"UDP Query User{455E1D4E-01ED-43B3-A1CA-7EAF6DFCAA3E}C:\windows\system32\spool\drivers\w32x86\3\e_dupa30.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\e_dupa30.exe |
"UDP Query User{96F22E25-F079-41D1-82E7-659C9EC36F15}C:\program files\smart technologies\smart response\responsesoftwareservice.exe" = protocol=17 | dir=in | app=c:\program files\smart technologies\smart response\responsesoftwareservice.exe |
"UDP Query User{E48DFDB5-D3DC-45F3-B6DE-EE96791DF0AA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{F33B5B6E-F82A-4571-8F3F-5EB829801143}C:\users\lb\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\lb\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Societies
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD}" = HP Deskjet 1050 J410 series Basic Device Software
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java™ 7 Update 1
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help
"{5D90E53A-BD7C-8F32-9B82-7733D0F0BC8E}" = Adobe Download Assistant
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}" = Acrobat.com
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6AE459-9D8F-7365-E848-877D508F5A48}" = Picaboo X
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A51CDA36-B81D-4934-9C9D-B649A0DBF4CD}" = Notebook Software
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CA}" = WinZip 16.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFD7DD74-42F9-4B50-AFCD-1E0B0F5ABBA4}" = SMART Response
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE™ Creature Creator Trial Edition
"{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}" = The Sims Complete Collection
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"CCleaner" = CCleaner
"Charles_XK72" = Charles
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1" = Picaboo X
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"EPSON Scanner" = EPSON Scan
"EPSON WorkForce 610 Series" = EPSON WorkForce 610 Series Printer Uninstall
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Protected Folder_is1" = Protected Folder
"RealPlayer 15.0" = RealPlayer
"Spy Cleaner Gold 9.5" = Spy Cleaner Gold 9.5
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Connect Add-in" = Adobe Connect Add-in
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/25/2012 9:24:02 AM | Computer Name = LB-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17b0 Start Time: 01cdb2a87aa61900 Termination Time: 702

Error - 10/25/2012 5:41:05 PM | Computer Name = LB-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 9.0.8112.16421, time stamp
0x4d76255d, faulting module nvd3dum.dll, version 8.15.11.8644, time stamp 0x4a68e136,
exception code 0xc0000005, fault offset 0x00398043, process id 0x2038, application
start time 0x01cdb1788eaa74e0.

Error - 10/25/2012 7:59:30 PM | Computer Name = LB-PC | Source = System Restore | ID = 8193
Description =

Error - 10/25/2012 7:59:30 PM | Computer Name = LB-PC | Source = System Restore | ID = 8210
Description =

Error - 10/26/2012 9:39:09 AM | Computer Name = LB-PC | Source = System Restore | ID = 8193
Description =

Error - 10/26/2012 10:29:11 AM | Computer Name = LB-PC | Source = System Restore | ID = 8193
Description =

Error - 10/26/2012 10:29:11 AM | Computer Name = LB-PC | Source = System Restore | ID = 8210
Description =

Error - 10/27/2012 2:23:27 PM | Computer Name = LB-PC | Source = System Restore | ID = 8193
Description =

Error - 10/27/2012 2:23:27 PM | Computer Name = LB-PC | Source = System Restore | ID = 8210
Description =

Error - 10/28/2012 8:21:31 PM | Computer Name = LB-PC | Source = System Restore | ID = 8193
Description =

[ Media Center Events ]
Error - 6/23/2012 5:54:59 PM | Computer Name = LB-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ System Events ]
Error - 11/3/2012 11:40:45 AM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/3/2012 12:16:24 PM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 11/3/2012 12:16:24 PM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 11/3/2012 12:19:06 PM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 11/3/2012 12:20:46 PM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 11/3/2012 12:30:43 PM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 11/3/2012 12:40:39 PM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 11/3/2012 12:50:32 PM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/3/2012 12:59:07 PM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 11/3/2012 12:59:18 PM | Computer Name = LB-PC | Source = Service Control Manager | ID = 7034
Description =


< End of report >

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, have you recovered all your icons and menus?

Also, could you post the ComboFix log?

  • Download RogueKiller and save it on your desktop.

    NOTE: If using IE8 or better, the SmartScreen Filter will need to be disabled.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

THEN

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [MJuapTCJSfio.exe] C:\ProgramData\MJuapTCJSfio.exe File not found
O4 - HKCU..\Run: [KMF9ugQfW9SGHX] C:\ProgramData\KMF9ugQfW9SGHX.exe File not found
[2012/11/03 12:02:42 | 000,000,000 | -H-D | C] -- C:\Users\LB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Restore
[2012/11/03 12:02:45 | 000,000,176 | ---- | M] () -- C:\ProgramData\-KMF9ugQfW9SGHXr
[2012/11/03 12:02:45 | 000,000,160 | ---- | M] () -- C:\ProgramData\-KMF9ugQfW9SGHX
[2012/11/03 12:02:42 | 000,000,629 | -H-- | M] () -- C:\Users\LB\Application Data\Microsoft\Internet Explorer\Quick Launch\File_Restore.lnk
[2012/11/03 12:02:42 | 000,000,605 | ---- | M] () -- C:\Users\LB\Desktop\File_Restore.lnk

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


#3
Liz2012

    Member

  • Topic Starter
  • 42 posts
I had not recovered the shortcuts and programs were not working properly. Firefox for example kept saying it was already running when it was not.

Combofix log:

ComboFix 12-11-04.01 - LB 11/04/2012 11:37:22.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1790.1087 [GMT -5:00]
Running from: C:\Users\LB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6X1YGYN\ComboFix.exe
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


---- Previous Run -------

C:\Program Files\Shop to Win
C:\Program Files\Shop to Win\Test.htm
C:\Program Files\TelevisionFanaticEI
C:\Program Files\TelevisionFanaticEI\Installr\1.bin\64EIPlug.dll
C:\Program Files\TelevisionFanaticEI\Installr\1.bin\64EZSETP.dll
C:\Program Files\TelevisionFanaticEI\Installr\1.bin\NP64EISb.dll
C:\ProgramData\KMF9ugQfW9SGHX
C:\ProgramData\KMF9ugQfW9SGHX.exe
C:\Users\LB\Documents\~WRL0003.tmp
C:\Users\LB\Documents\~WRL3003.tmp
C:\Windows\system32\F58C3F5C03.dll


((((((((((((((((((((((((( Files Created from 2012-10-04 to 2012-11-04 )))))))))))))))))))))))))))))))


2012-11-04 16:53:48 . 2012-11-04 16:58:26 -------- d-----w- C:\Users\LB\AppData\Local\temp
2012-11-04 16:53:48 . 2012-11-04 16:53:48 -------- d-----w- C:\Users\Default\AppData\Local\temp
2012-11-02 11:21:42 . 2012-10-12 05:56:01 6918632 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60ABA4FB-8FAE-4001-A39D-384119EB178E}\mpengine.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-09-29 23:54:26 . 2009-06-25 03:11:59 22856 ----a-w- C:\Windows\system32\drivers\mbam.sys
2012-09-06 00:32:46 . 2012-09-06 00:32:46 376320 ----a-w- C:\Windows\system32\winsrv.dll
2012-09-06 00:32:05 . 2012-09-06 00:32:05 1205064 ----a-w- C:\Windows\system32\ntdll.dll
2012-09-06 00:31:19 . 2012-09-06 00:31:19 9728 ----a-w- C:\Windows\system32\lsass.exe
2012-09-06 00:31:19 . 2012-09-06 00:31:19 72704 ----a-w- C:\Windows\system32\secur32.dll
2012-09-06 00:31:19 . 2012-09-06 00:31:19 440192 ----a-w- C:\Windows\system32\drivers\ksecdd.sys
2012-09-06 00:31:19 . 2012-09-06 00:31:19 377344 ----a-w- C:\Windows\system32\winhttp.dll
2012-09-06 00:31:19 . 2012-09-06 00:31:19 278528 ----a-w- C:\Windows\system32\schannel.dll
2012-09-06 00:31:19 . 2012-09-06 00:31:19 1259008 ----a-w- C:\Windows\system32\lsasrv.dll
2012-09-06 00:30:28 . 2012-09-06 00:30:28 66560 ----a-w- C:\Windows\system32\packager.dll
2012-09-06 00:24:19 . 2012-09-06 00:24:19 2048 ----a-w- C:\Windows\system32\tzres.dll
2012-09-06 00:23:02 . 2012-09-06 00:23:02 49152 ----a-w- C:\Windows\system32\csrsrv.dll
2012-09-06 00:20:38 . 2012-09-06 00:20:38 555520 ----a-w- C:\Windows\system32\UIAutomationCore.dll
2012-09-06 00:20:38 . 2012-09-06 00:20:38 238080 ----a-w- C:\Windows\system32\oleacc.dll
2012-09-06 00:20:37 . 2012-09-06 00:20:37 563712 ----a-w- C:\Windows\system32\oleaut32.dll
2012-09-06 00:20:37 . 2012-09-06 00:20:37 4096 ----a-w- C:\Windows\system32\oleaccrc.dll
2012-09-06 00:19:00 . 2012-09-06 00:19:00 217088 ----a-w- C:\Windows\system32\psisrndr.ax
2012-09-06 00:18:59 . 2012-09-06 00:18:59 69632 ----a-w- C:\Windows\system32\Mpeg2Data.ax
2012-09-06 00:18:59 . 2012-09-06 00:18:59 57856 ----a-w- C:\Windows\system32\MSDvbNP.ax
2012-09-06 00:18:59 . 2012-09-06 00:18:59 293376 ----a-w- C:\Windows\system32\psisdecd.dll
2012-09-05 23:56:40 . 2012-09-05 23:56:40 79872 ----a-w- C:\Windows\system32\drivers\mrxsmb20.sys
2012-09-05 23:56:40 . 2012-09-05 23:56:40 214016 ----a-w- C:\Windows\system32\drivers\mrxsmb10.sys
2012-09-05 23:56:40 . 2012-09-05 23:56:40 106496 ----a-w- C:\Windows\system32\drivers\mrxsmb.sys
2012-09-05 23:53:01 . 2012-09-05 23:53:01 75264 ----a-w- C:\Windows\system32\drivers\dfsc.sys
2012-09-05 23:52:18 . 2012-09-05 23:52:18 273408 ----a-w- C:\Windows\system32\drivers\afd.sys
2012-09-05 23:51:32 . 2012-09-05 23:51:32 146432 ----a-w- C:\Windows\system32\drivers\srv2.sys
2012-09-05 23:51:32 . 2012-09-05 23:51:32 102400 ----a-w- C:\Windows\system32\drivers\srvnet.sys
2012-09-05 23:50:48 . 2012-09-05 23:50:48 739328 ----a-w- C:\Windows\system32\inetcomm.dll
2012-09-05 23:50:06 . 2012-09-05 23:50:06 876032 ----a-w- C:\Windows\system32\XpsPrint.dll
2012-09-05 23:48:39 . 2012-09-05 23:48:39 81408 ----a-w- C:\Windows\system32\wevtfwd.dll
2012-09-05 23:48:39 . 2012-09-05 23:48:39 79872 ----a-w- C:\Windows\system32\wecutil.exe
2012-09-05 23:48:39 . 2012-09-05 23:48:39 56320 ----a-w- C:\Windows\system32\wecapi.dll
2012-09-05 23:48:39 . 2012-09-05 23:48:39 40448 ----a-w- C:\Windows\system32\winrs.exe
2012-09-05 23:48:39 . 2012-09-05 23:48:39 241152 ----a-w- C:\Windows\system32\winrscmd.dll
2012-09-05 23:48:39 . 2012-09-05 23:48:39 20480 ----a-w- C:\Windows\system32\winrshost.exe
2012-09-05 23:48:39 . 2012-09-05 23:48:39 2048 ----a-w- C:\Windows\system32\winrsmgr.dll
2012-09-05 23:48:39 . 2012-09-05 23:48:39 146944 ----a-w- C:\Windows\system32\wecsvc.dll
2012-09-05 23:48:39 . 2012-09-05 23:48:39 10240 ----a-w- C:\Windows\system32\winrssrv.dll
2012-09-05 23:48:39 . 2012-09-05 23:48:38 145408 ----a-w- C:\Windows\system32\WsmAuto.dll
2012-09-05 23:48:38 . 2012-09-05 23:48:38 54272 ----a-w- C:\Windows\system32\WsmRes.dll
2012-09-05 23:48:38 . 2012-09-05 23:48:38 252416 ----a-w- C:\Windows\system32\WSManMigrationPlugin.dll
2012-09-05 23:48:38 . 2012-09-05 23:48:38 246272 ----a-w- C:\Windows\system32\WSManHTTPConfig.exe
2012-09-05 23:48:38 . 2012-09-05 23:48:38 214016 ----a-w- C:\Windows\system32\WsmWmiPl.dll
2012-09-05 23:48:38 . 2012-09-05 23:48:38 201184 ----a-w- C:\Windows\system32\winrm.vbs
2012-09-05 23:48:38 . 2012-09-05 23:48:38 12800 ----a-w- C:\Windows\system32\wsmprovhost.exe
2012-09-05 23:48:38 . 2012-09-05 23:48:38 1181696 ----a-w- C:\Windows\system32\WsmSvc.dll
2012-09-05 23:48:38 . 2012-09-05 23:48:38 10240 ----a-w- C:\Windows\system32\wsmplpxy.dll
2012-09-05 23:48:37 . 2012-09-05 23:48:37 41472 ----a-w- C:\Windows\system32\pwrshplugin.dll
2012-09-05 23:44:40 . 2012-09-05 23:44:40 28672 ----a-w- C:\Windows\system32\Apphlpdm.dll
2012-09-05 23:44:38 . 2012-09-05 23:44:38 458752 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2012-09-05 23:44:38 . 2012-09-05 23:44:38 2159616 ----a-w- C:\Windows\apppatch\AcGenral.dll
2012-09-05 23:44:37 . 2012-09-05 23:44:37 542720 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-09-05 23:44:37 . 2012-09-05 23:44:37 173056 ----a-w- C:\Windows\apppatch\AcXtrnal.dll
2012-09-05 23:44:36 . 2012-09-05 23:44:35 4240384 ----a-w- C:\Windows\system32\GameUXLegacyGDFs.dll
2012-09-05 23:43:23 . 2012-09-05 23:43:23 86528 ----a-w- C:\Windows\system32\dnsrslvr.dll
2012-09-05 23:43:23 . 2012-09-05 23:43:23 25088 ----a-w- C:\Windows\system32\dnscacheugc.exe
2012-09-05 23:42:48 . 2012-09-05 23:42:48 34304 ----a-w- C:\Windows\system32\atmlib.dll
2012-09-05 23:42:48 . 2012-09-05 23:42:48 292864 ----a-w- C:\Windows\system32\atmfd.dll
2012-09-05 23:42:11 . 2012-09-05 23:42:11 69632 ----a-w- C:\Windows\system32\drivers\bowser.sys
2012-09-05 23:41:24 . 2012-09-05 23:41:24 1162240 ----a-w- C:\Windows\system32\mfc42u.dll
2012-09-05 23:41:24 . 2012-09-05 23:41:24 1136640 ----a-w- C:\Windows\system32\mfc42.dll
2012-09-05 23:40:50 . 2012-09-05 23:40:50 305152 ----a-w- C:\Windows\system32\drivers\srv.sys
2012-09-05 23:40:07 . 2012-09-05 23:40:07 797696 ----a-w- C:\Windows\system32\FntCache.dll
2012-09-05 23:40:07 . 2012-09-05 23:40:07 288768 ----a-w- C:\Windows\system32\XpsGdiConverter.dll
2012-09-05 23:40:07 . 2012-09-05 23:40:07 1068544 ----a-w- C:\Windows\system32\DWrite.dll
2012-09-05 23:36:38 . 2012-09-05 23:36:38 2067968 ----a-w- C:\Windows\system32\mstscax.dll
2012-09-05 23:36:37 . 2012-09-05 23:36:37 677888 ----a-w- C:\Windows\system32\mstsc.exe
2012-09-05 23:35:42 . 2012-09-05 23:35:42 429056 ----a-w- C:\Windows\system32\EncDec.dll
2012-09-05 23:35:42 . 2012-09-05 23:35:42 322560 ----a-w- C:\Windows\system32\sbe.dll
2012-09-05 23:35:42 . 2012-09-05 23:35:42 177664 ----a-w- C:\Windows\system32\mpg2splt.ax
2012-09-05 23:35:42 . 2012-09-05 23:35:42 153088 ----a-w- C:\Windows\system32\sbeio.dll
2012-09-05 23:32:07 . 2012-09-05 23:32:07 3602320 ----a-w- C:\Windows\system32\ntkrnlpa.exe
2012-09-05 23:32:07 . 2012-09-05 23:32:07 3550096 ----a-w- C:\Windows\system32\ntoskrnl.exe
2012-10-24 17:50:58 . 2012-11-02 23:08:18 261600 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 19:56:36 288128]
"Spotify Web Helper"="C:\Users\LB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-01 12:21:08 1199576]
"KMF9ugQfW9SGHX"="C:\ProgramData\KMF9ugQfW9SGHX.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 18:05:10 1049896]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2009-07-23 19:39:04 13797920]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 21:51:00 488752]
"Windows Mobile-based device management"="C:\Windows\WindowsMobile\wmdSync.exe" [2008-01-21 02:23:24 215552]
"TkBellExe"="C:\Program Files\Real\RealPlayer\update\realsched.exe" [2012-09-21 00:26:02 296096]
"MJuapTCJSfio.exe"="C:\ProgramData\MJuapTCJSfio.exe" [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 00:02:18 113024]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54:14 551296 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux6"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Desktop Menu.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Menu.lnk
backup=C:\Windows\pss\Desktop Menu.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25:11 125952 ----a-w- C:\Windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 23:24:20 54840 ----a-w- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2012-11-01 12:21:08 1199576 ---ha-w- C:\Users\LB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spy Watcher]
2005-04-07 08:18:12 557056 ----a-w- C:\Program Files\Spy Cleaner Gold\SpyWatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-05-04 18:59:46 252136 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 17:37:14 517096 ----a-w- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
2008-06-14 01:11:32 210216 ------w- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
2008-06-14 01:11:32 210216 ------w- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]
2008-06-14 01:11:32 210216 ------w- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
2008-10-07 03:42:38 210216 ------w- C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23:32 1008184 ----a-w- C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25:33 202240 ----a-w- C:\Program Files\Windows Media Player\wmpnscfg.exe

R4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [x]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - WS2IFSL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 18:14:42 451872 ----a-w- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe

Contents of the 'Scheduled Tasks' folder

2012-10-29 C:\Windows\Tasks\HPCeeScheduleForLB.job
- C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-10-25 22:50:32 . 2008-05-19 18:34:50]


------- Supplementary Scan -------

uStart Page = hxxp://www.midlandsconnect.com/directory/hg/premium.aspx?id=1788277
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - C:\Users\LB\AppData\Roaming\Mozilla\Firefox\Profiles\3m6xz5ea.default\
FF - prefs.js: network.proxy.type - 0

- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)



RogueKiller log 1:

RogueKiller V8.2.2 [11/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : LB [Admin rights]
Mode : Scan -- Date : 11/04/2012 12:07:09

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : KMF9ugQfW9SGHX (C:\ProgramData\KMF9ugQfW9SGHX.exe) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : MJuapTCJSfio.exe (C:\ProgramData\MJuapTCJSfio.exe) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1588854067-1537009439-97262279-1000[...]\Run : KMF9ugQfW9SGHX (C:\ProgramData\KMF9ugQfW9SGHX.exe) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[13] : NtAlertResumeThread @ 0x8229751D -> HOOKED (Unknown @ 0x87993068)
SSDT[14] : NtAlertThread @ 0x822101E5 -> HOOKED (Unknown @ 0x87969C00)
SSDT[18] : NtAllocateVirtualMemory @ 0x8224C4AB -> HOOKED (Unknown @ 0x87AA2CE8)
SSDT[21] : NtAlpcConnectPort @ 0x821EE81F -> HOOKED (Unknown @ 0x87910C60)
SSDT[42] : NtAssignProcessToJobObject @ 0x821C1B13 -> HOOKED (Unknown @ 0x8E7F32B8)
SSDT[67] : NtCreateMutant @ 0x822247BC -> HOOKED (Unknown @ 0x8E7EF948)
SSDT[77] : NtCreateSymbolicLinkObject @ 0x821C432A -> HOOKED (Unknown @ 0x8E7EA720)
SSDT[78] : NtCreateThread @ 0x82295B98 -> HOOKED (Unknown @ 0x87A72910)
SSDT[116] : NtDebugActiveProcess @ 0x82268CE2 -> HOOKED (Unknown @ 0x8E7F3AC8)
SSDT[129] : NtDuplicateObject @ 0x821FC4E1 -> HOOKED (Unknown @ 0x87DFECF8)
SSDT[147] : NtFreeVirtualMemory @ 0x82088F5D -> HOOKED (Unknown @ 0x8E7E6D90)
SSDT[156] : NtImpersonateAnonymousToken @ 0x821BEEE2 -> HOOKED (Unknown @ 0x879685C0)
SSDT[158] : NtImpersonateThread @ 0x821D44E4 -> HOOKED (Unknown @ 0x87984AE0)
SSDT[165] : NtLoadDriver @ 0x8216FDEE -> HOOKED (Unknown @ 0x87910BE8)
SSDT[177] : NtMapViewOfSection @ 0x8221482A -> HOOKED (Unknown @ 0x87A72108)
SSDT[184] : NtOpenEvent @ 0x821FDD5F -> HOOKED (Unknown @ 0x8798A110)
SSDT[194] : NtOpenProcess @ 0x82224F58 -> HOOKED (Unknown @ 0x87AA0CF8)
SSDT[195] : NtOpenProcessToken @ 0x822059BE -> HOOKED (Unknown @ 0x87B229E8)
SSDT[197] : NtOpenSection @ 0x822155FD -> HOOKED (Unknown @ 0x87A6D108)
SSDT[201] : NtOpenThread @ 0x822204AA -> HOOKED (Unknown @ 0x87A9F460)
SSDT[210] : NtProtectVirtualMemory @ 0x8221E28D -> HOOKED (Unknown @ 0x87A9C310)
SSDT[282] : NtResumeThread @ 0x8221FAF5 -> HOOKED (Unknown @ 0x8E589810)
SSDT[289] : NtSetContextThread @ 0x82296867 -> HOOKED (Unknown @ 0x879674B8)
SSDT[305] : NtSetInformationProcess @ 0x82218858 -> HOOKED (Unknown @ 0x8E7E68C0)
SSDT[317] : NtSetSystemInformation @ 0x821EAE83 -> HOOKED (Unknown @ 0x8E7F2118)
SSDT[330] : NtSuspendProcess @ 0x82297457 -> HOOKED (Unknown @ 0x87992108)
SSDT[331] : NtSuspendThread @ 0x8219E92D -> HOOKED (Unknown @ 0x87985298)
SSDT[334] : NtTerminateProcess @ 0x821F50D3 -> HOOKED (Unknown @ 0x8E702790)
SSDT[335] : NtTerminateThread @ 0x822204DF -> HOOKED (Unknown @ 0x8796B3F8)
SSDT[348] : NtUnmapViewOfSection @ 0x82214AED -> HOOKED (Unknown @ 0x879671C8)
SSDT[358] : NtWriteVirtualMemory @ 0x822118BD -> HOOKED (Unknown @ 0x87DFE6C8)
SSDT[382] : NtCreateThreadEx @ 0x8221FF94 -> HOOKED (Unknown @ 0x8E7E84A8)
S_SSDT[317] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x864B4EE8)
S_SSDT[397] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x864CC910)
S_SSDT[428] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x87558BD0)
S_SSDT[430] : NtUserGetKeyState -> HOOKED (Unknown @ 0x8786A4A0)
S_SSDT[442] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x8EE33120)
S_SSDT[479] : NtUserMessageCall -> HOOKED (Unknown @ 0x8F1380A8)
S_SSDT[497] : NtUserPostMessage -> HOOKED (Unknown @ 0x87558B00)
S_SSDT[498] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x8F138178)
S_SSDT[573] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x862DEA90)
S_SSDT[576] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x865060C0)

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9250320AS ATA Device +++++
--- User ---
[MBR] 46e46edc884177b2c1f8f3c59c91f5d5
[BSP] f6e3acd04269e6293e45dcf8f564a7a8 : Toshiba tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 227333 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 465580032 | Size: 11138 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_11042012_02d1207.txt >>
RKreport[1]_S_11042012_02d1207.txt


RogueKiller log 2:

RogueKiller V8.2.2 [11/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : LB [Admin rights]
Mode : Remove -- Date : 11/04/2012 12:07:32

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : KMF9ugQfW9SGHX (C:\ProgramData\KMF9ugQfW9SGHX.exe) -> DELETED
[RUN][SUSP PATH] HKLM\[...]\Run : MJuapTCJSfio.exe (C:\ProgramData\MJuapTCJSfio.exe) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[13] : NtAlertResumeThread @ 0x8229751D -> HOOKED (Unknown @ 0x87993068)
SSDT[14] : NtAlertThread @ 0x822101E5 -> HOOKED (Unknown @ 0x87969C00)
SSDT[18] : NtAllocateVirtualMemory @ 0x8224C4AB -> HOOKED (Unknown @ 0x87AA2CE8)
SSDT[21] : NtAlpcConnectPort @ 0x821EE81F -> HOOKED (Unknown @ 0x87910C60)
SSDT[42] : NtAssignProcessToJobObject @ 0x821C1B13 -> HOOKED (Unknown @ 0x8E7F32B8)
SSDT[67] : NtCreateMutant @ 0x822247BC -> HOOKED (Unknown @ 0x8E7EF948)
SSDT[77] : NtCreateSymbolicLinkObject @ 0x821C432A -> HOOKED (Unknown @ 0x8E7EA720)
SSDT[78] : NtCreateThread @ 0x82295B98 -> HOOKED (Unknown @ 0x87A72910)
SSDT[116] : NtDebugActiveProcess @ 0x82268CE2 -> HOOKED (Unknown @ 0x8E7F3AC8)
SSDT[129] : NtDuplicateObject @ 0x821FC4E1 -> HOOKED (Unknown @ 0x87DFECF8)
SSDT[147] : NtFreeVirtualMemory @ 0x82088F5D -> HOOKED (Unknown @ 0x8E7E6D90)
SSDT[156] : NtImpersonateAnonymousToken @ 0x821BEEE2 -> HOOKED (Unknown @ 0x879685C0)
SSDT[158] : NtImpersonateThread @ 0x821D44E4 -> HOOKED (Unknown @ 0x87984AE0)
SSDT[165] : NtLoadDriver @ 0x8216FDEE -> HOOKED (Unknown @ 0x87910BE8)
SSDT[177] : NtMapViewOfSection @ 0x8221482A -> HOOKED (Unknown @ 0x87A72108)
SSDT[184] : NtOpenEvent @ 0x821FDD5F -> HOOKED (Unknown @ 0x8798A110)
SSDT[194] : NtOpenProcess @ 0x82224F58 -> HOOKED (Unknown @ 0x87AA0CF8)
SSDT[195] : NtOpenProcessToken @ 0x822059BE -> HOOKED (Unknown @ 0x87B229E8)
SSDT[197] : NtOpenSection @ 0x822155FD -> HOOKED (Unknown @ 0x87A6D108)
SSDT[201] : NtOpenThread @ 0x822204AA -> HOOKED (Unknown @ 0x87A9F460)
SSDT[210] : NtProtectVirtualMemory @ 0x8221E28D -> HOOKED (Unknown @ 0x87A9C310)
SSDT[282] : NtResumeThread @ 0x8221FAF5 -> HOOKED (Unknown @ 0x8E589810)
SSDT[289] : NtSetContextThread @ 0x82296867 -> HOOKED (Unknown @ 0x879674B8)
SSDT[305] : NtSetInformationProcess @ 0x82218858 -> HOOKED (Unknown @ 0x8E7E68C0)
SSDT[317] : NtSetSystemInformation @ 0x821EAE83 -> HOOKED (Unknown @ 0x8E7F2118)
SSDT[330] : NtSuspendProcess @ 0x82297457 -> HOOKED (Unknown @ 0x87992108)
SSDT[331] : NtSuspendThread @ 0x8219E92D -> HOOKED (Unknown @ 0x87985298)
SSDT[334] : NtTerminateProcess @ 0x821F50D3 -> HOOKED (Unknown @ 0x8E702790)
SSDT[335] : NtTerminateThread @ 0x822204DF -> HOOKED (Unknown @ 0x8796B3F8)
SSDT[348] : NtUnmapViewOfSection @ 0x82214AED -> HOOKED (Unknown @ 0x879671C8)
SSDT[358] : NtWriteVirtualMemory @ 0x822118BD -> HOOKED (Unknown @ 0x87DFE6C8)
SSDT[382] : NtCreateThreadEx @ 0x8221FF94 -> HOOKED (Unknown @ 0x8E7E84A8)
S_SSDT[317] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x864B4EE8)
S_SSDT[397] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x864CC910)
S_SSDT[428] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x87558BD0)
S_SSDT[430] : NtUserGetKeyState -> HOOKED (Unknown @ 0x8786A4A0)
S_SSDT[442] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x8EE33120)
S_SSDT[479] : NtUserMessageCall -> HOOKED (Unknown @ 0x8F1380A8)
S_SSDT[497] : NtUserPostMessage -> HOOKED (Unknown @ 0x87558B00)
S_SSDT[498] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x8F138178)
S_SSDT[573] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x862DEA90)
S_SSDT[576] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x865060C0)

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9250320AS ATA Device +++++
--- User ---
[MBR] 46e46edc884177b2c1f8f3c59c91f5d5
[BSP] f6e3acd04269e6293e45dcf8f564a7a8 : Toshiba tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 227333 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 465580032 | Size: 11138 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_11042012_02d1207.txt >>
RKreport[1]_S_11042012_02d1207.txt ; RKreport[2]_D_11042012_02d1207.txt


RogueKiller log 3:


RogueKiller V8.2.2 [11/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : LB [Admin rights]
Mode : Shortcuts HJfix -- Date : 11/04/2012 12:10:56

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 3697 / Fail 0
Quick launch: Success 4 / Fail 0
Programs: Success 8 / Fail 0
Start menu: Success 39 / Fail 0
User folder: Success 11709 / Fail 0
My documents: Success 177 / Fail 177
My favorites: Success 55 / Fail 0
My pictures: Success 1951 / Fail 0
My music: Success 7 / Fail 0
My videos: Success 1 / Fail 0
Local drives: Success 294 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped

Finished : << RKreport[3]_SC_11042012_02d1210.txt >>
RKreport[1]_S_11042012_02d1207.txt ; RKreport[2]_D_11042012_02d1207.txt ; RKreport[3]_SC_11042012_02d1210.txt



OTL Log:


OTL logfile created on: 11/4/2012 1:13:30 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\LB\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.78 Gb Available Physical Memory | 44.69% Memory free
3.74 Gb Paging File | 2.62 Gb Available in Paging File | 70.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.01 Gb Total Space | 68.44 Gb Free Space | 30.83% Space Free | Partition Type: NTFS
Drive D: | 10.88 Gb Total Space | 1.83 Gb Free Space | 16.79% Space Free | Partition Type: NTFS

Computer Name: LB-PC | User Name: LB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/04 13:13:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LB\Desktop\OTL.exe
PRC - [2012/11/01 07:21:08 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\LB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/09/20 19:26:02 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/28 14:56:36 | 000,288,128 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2012/05/26 11:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2011/11/29 23:59:25 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2009/04/22 16:26:20 | 000,030,504 | ---- | M] (SMART Technologies) -- C:\Program Files\SMART Technologies\SMART Response\ResponseHardwareService.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2007/12/17 04:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE


========== Modules (No Company Name) ==========

MOD - [2012/05/24 09:45:42 | 000,138,112 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll


========== Services (SafeList) ==========

SRV - [2012/10/24 12:50:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/26 11:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2011/09/21 19:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/07/14 13:30:58 | 000,820,568 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/04/22 16:26:20 | 000,030,504 | ---- | M] (SMART Technologies) [Auto | Running] -- C:\Program Files\SMART Technologies\SMART Response\ResponseHardwareService.exe -- (Response Hardware)
SRV - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 21:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 21:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/12/17 04:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS -- (SYMREDRV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NIS\1005000.087\SYMNDISV.SYS -- (SYMNDISV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NIS\1005000.087\SYMFW.SYS -- (SYMFW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS -- (SYMDNS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090714.004\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090714.004\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\LB\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011/12/12 12:43:24 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\cchpx86.sys -- (ccHP)
DRV - [2011/09/21 19:35:58 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symtdi.sys -- (SYMTDI)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/11 13:40:40 | 000,018,768 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/03/22 23:59:18 | 000,019,280 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/22 23:59:16 | 000,030,600 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys -- (RegFilter)
DRV - [2010/06/30 03:27:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/09/10 17:33:31 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/08/22 02:21:19 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\SymEFA.sys -- (SymEFA)
DRV - [2009/08/22 02:21:19 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1008030.006\srtsp.sys -- (SRTSP)
DRV - [2009/08/22 02:21:19 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/08/22 02:21:19 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\srtspx.sys -- (SRTSPX)
DRV - [2009/08/22 02:21:06 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/07/23 20:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/14 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/05/14 03:00:00 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/01/29 16:50:17 | 000,292,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSvix86.sys -- (IDSVix86)
DRV - [2008/07/29 03:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2008/06/05 11:58:42 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/05/09 14:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/27 14:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/04/24 17:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/01/29 08:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/20 21:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/10/17 18:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.midlandsc...aspx?id=1788277
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {D6D05E6F-D5C1-4e03-8E33-73F92B05E262}:10.2
FF - prefs.js..extensions.enabledItems: {0153E448-190B-4987-BDE1-F256CADA672F}:15.0.6
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ei.TelevisionFanatic.com/Plugin: C:\Program Files\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\LB\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/12/12 23:31:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/20 19:27:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/02 18:58:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/02 18:58:59 | 000,000,000 | ---D | M]

[2010/08/15 12:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LB\AppData\Roaming\Mozilla\Extensions
[2012/11/02 19:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LB\AppData\Roaming\Mozilla\Firefox\Profiles\3m6xz5ea.default\extensions
[2010/08/15 12:35:03 | 000,000,000 | ---D | M] (ChaCha Guide App Toolbar) -- C:\Users\LB\AppData\Roaming\Mozilla\Firefox\Profiles\3m6xz5ea.default\extensions\[email protected]
[2012/11/02 19:09:34 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\LB\AppData\Roaming\Mozilla\Firefox\Profiles\3m6xz5ea.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2012/11/02 18:08:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/26 09:58:51 | 000,000,000 | ---D | M] (SMART Notebook Extension) -- C:\Program Files\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}
[2012/10/24 12:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/24 00:12:33 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/02/24 00:12:33 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/12/14 13:39:23 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/09/20 19:26:46 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/10/24 12:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/24 12:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/11/04 12:43:33 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (CIEDownload Object) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll (SMART Technologies ULC.)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\LB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4AAAD42-D5AF-4619-8188-94DAF266CEC4}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\LB\Pictures\LIZ IS 30.jpg
O24 - Desktop BackupWallPaper: C:\Users\LB\Pictures\LIZ IS 30.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /p \??\C:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/04 13:13:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\LB\Desktop\OTL.exe
[2012/11/04 12:43:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/11/04 12:06:41 | 000,000,000 | ---D | C] -- C:\Users\LB\Desktop\RK_Quarantine
[2012/11/04 12:00:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/11/04 11:53:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/11/04 11:53:48 | 000,000,000 | ---D | C] -- C:\Users\LB\AppData\Local\temp
[2012/11/04 11:33:15 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/11/03 11:17:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/11/03 11:17:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/11/03 11:17:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/11/03 11:16:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/11/03 11:15:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/11/02 18:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/11/02 18:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/10/30 20:13:36 | 000,000,000 | ---D | C] -- C:\Users\LB\Desktop\Oct 30 2012

========== Files - Modified Within 30 Days ==========

[2012/11/04 13:13:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LB\Desktop\OTL.exe
[2012/11/04 13:05:33 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/11/04 13:05:33 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/11/04 13:00:47 | 000,047,746 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/11/04 13:00:30 | 000,047,746 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/11/04 12:58:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/04 12:58:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/04 12:58:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/04 12:43:33 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/11/04 12:06:25 | 000,430,592 | ---- | M] () -- C:\Users\LB\Desktop\RogueKiller.exe
[2012/11/02 18:09:03 | 000,000,870 | ---- | M] () -- C:\Users\LB\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/02 18:09:03 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/11/02 11:29:08 | 000,036,582 | ---- | M] () -- C:\Users\LB\Desktop\$(KGrHqYOKnME52g6phDJBOfVU3Ckbw~~60_58.JPG
[2012/11/01 07:20:47 | 000,035,393 | ---- | M] () -- C:\Users\LB\Desktop\dansville payments.rtf
[2012/10/30 20:38:16 | 000,019,968 | -H-- | M] () -- C:\Users\LB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/30 20:05:51 | 000,000,680 | ---- | M] () -- C:\Users\LB\AppData\Local\d3d9caps.dat
[2012/10/29 09:58:41 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/29 09:52:12 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLB.job

========== Files Created - No Company Name ==========

[2012/11/04 12:06:34 | 000,430,592 | ---- | C] () -- C:\Users\LB\Desktop\RogueKiller.exe
[2012/11/03 11:30:27 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
[2012/11/03 11:30:27 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/11/03 11:30:27 | 000,001,736 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Play.lnk
[2012/11/03 11:30:27 | 000,001,340 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2012/11/03 11:30:27 | 000,001,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2012/11/03 11:30:27 | 000,001,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPublisher.lnk
[2012/11/03 11:30:27 | 000,001,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2012/11/03 11:30:27 | 000,001,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk
[2012/11/03 11:30:27 | 000,000,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012/11/03 11:30:26 | 000,001,071 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2012/11/03 11:30:26 | 000,000,978 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2012/11/03 11:30:26 | 000,000,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/11/03 11:30:26 | 000,000,884 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat_com.lnk
[2012/11/03 11:17:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/11/03 11:17:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/11/03 11:17:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/11/03 11:17:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/11/03 11:17:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/11/02 18:09:03 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/11/02 11:29:01 | 000,036,582 | ---- | C] () -- C:\Users\LB\Desktop\$(KGrHqYOKnME52g6phDJBOfVU3Ckbw~~60_58.JPG
[2012/10/29 09:58:41 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/29 22:25:30 | 000,000,680 | ---- | C] () -- C:\Users\LB\AppData\Local\d3d9caps.dat
[2011/12/12 13:26:35 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/09/04 12:55:37 | 000,000,846 | ---- | C] () -- C:\Users\LB\.recently-used.xbel
[2009/10/25 20:44:40 | 000,000,766 | ---- | C] () -- C:\Users\LB\AppData\Roaming\wklnhst.dat
[2009/07/10 18:42:18 | 000,019,968 | -H-- | C] () -- C:\Users\LB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/25 23:03:08 | 000,047,746 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/05/25 18:40:07 | 000,047,746 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/02/19 15:29:33 | 000,000,246 | ---- | C] () -- C:\ProgramData\hpqp.ini

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/09/05 18:30:45 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/01/26 10:09:25 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\.smarttech-webinterface
[2010/07/05 17:36:46 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Amazon
[2011/07/27 21:40:03 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\AVG10
[2011/02/21 16:50:07 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Catalina Marketing Corp
[2011/04/15 20:57:01 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Charles
[2011/06/26 23:47:02 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/07/01 11:30:44 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/08/17 18:02:00 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1
[2011/09/04 12:55:37 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\gtk-2.0
[2012/09/01 11:18:20 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\IObit
[2011/11/19 14:55:24 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\MyPublisher
[2012/01/26 10:01:18 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\SMART Technologies Inc
[2010/12/27 14:45:11 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\SPORE Creature Creator
[2012/11/02 18:28:10 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Spotify
[2011/01/18 11:29:45 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Template
[2010/12/06 20:57:09 | 000,000,000 | ---D | M] -- C:\Users\LB\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
One further area I would like to check. Once this has run, could you let me know what problems remain?

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#5
Liz2012

    Member

  • Topic Starter
  • Member
  • 42 posts
I ran it, and it found a number of items to "skip", but never prompted any "malicious" items or "cure" options.

I did get the report, but it would not let me copy it.

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The report will be at C:\TDSSKille date time

What problems are outstanding at the moment?

#7
Liz2012

    Member

  • Topic Starter
  • Member
  • 42 posts
Not sure there are any more outstanding issues, but I would greatly appreciate an educated eye looking at the information to be sure.

_________________

06:33:59.0614 6840 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
06:34:00.0029 6840 ============================================================
06:34:00.0029 6840 Current date / time: 2012/11/05 06:34:00.0029
06:34:00.0029 6840 SystemInfo:
06:34:00.0030 6840
06:34:00.0030 6840 OS Version: 6.0.6002 ServicePack: 2.0
06:34:00.0030 6840 Product type: Workstation
06:34:00.0030 6840 ComputerName: LB-PC
06:34:00.0031 6840 UserName: LB
06:34:00.0031 6840 Windows directory: C:\Windows
06:34:00.0031 6840 System windows directory: C:\Windows
06:34:00.0031 6840 Processor architecture: Intel x86
06:34:00.0031 6840 Number of processors: 2
06:34:00.0031 6840 Page size: 0x1000
06:34:00.0031 6840 Boot type: Normal boot
06:34:00.0031 6840 ============================================================
06:34:04.0089 6840 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
06:34:04.0513 6840 ============================================================
06:34:04.0513 6840 \Device\Harddisk0\DR0:
06:34:04.0520 6840 MBR partitions:
06:34:04.0520 6840 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BC02FC1
06:34:04.0521 6840 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BC03000, BlocksNum 0x15C1000
06:34:04.0521 6840 ============================================================
06:34:04.0592 6840 C: <-> \Device\Harddisk0\DR0\Partition1
06:34:04.0868 6840 D: <-> \Device\Harddisk0\DR0\Partition2
06:34:04.0868 6840 ============================================================
06:34:04.0869 6840 Initialize success
06:34:04.0869 6840 ============================================================
06:34:44.0901 7808 ============================================================
06:34:44.0901 7808 Scan started
06:34:44.0901 7808 Mode: Manual; SigCheck; TDLFS;
06:34:44.0901 7808 ============================================================
06:34:52.0196 7808 ================ Scan system memory ========================
06:34:52.0196 7808 System memory - ok
06:34:52.0198 7808 ================ Scan services =============================
06:34:52.0428 7808 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
06:34:52.0820 7808 !SASCORE - ok
06:34:53.0098 7808 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
06:34:53.0136 7808 ACPI - ok
06:34:53.0174 7808 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
06:34:53.0221 7808 adp94xx - ok
06:34:53.0282 7808 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
06:34:53.0316 7808 adpahci - ok
06:34:53.0379 7808 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
06:34:53.0402 7808 adpu160m - ok
06:34:53.0429 7808 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
06:34:53.0457 7808 adpu320 - ok
06:34:53.0552 7808 [ 96D6CDD0B32846E8CFBE592F4F32E608 ] AdvancedSystemCareService5 C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
06:34:53.0651 7808 AdvancedSystemCareService5 - ok
06:34:53.0681 7808 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
06:34:54.0219 7808 AeLookupSvc - ok
06:34:54.0324 7808 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
06:34:54.0420 7808 AFD - ok
06:34:54.0474 7808 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
06:34:54.0497 7808 agp440 - ok
06:34:54.0539 7808 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
06:34:54.0616 7808 aic78xx - ok
06:34:54.0648 7808 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
06:34:54.0915 7808 ALG - ok
06:34:54.0985 7808 [ 3D76FDA1A10ACC3DC84728F55C29B6D4 ] aliide C:\Windows\system32\drivers\aliide.sys
06:34:55.0034 7808 aliide - ok
06:34:55.0077 7808 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
06:34:55.0097 7808 amdagp - ok
06:34:55.0109 7808 [ 5B92E7839F5A1FBC1B39DE67758AD6F8 ] amdide C:\Windows\system32\drivers\amdide.sys
06:34:55.0128 7808 amdide - ok
06:34:55.0157 7808 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
06:34:55.0283 7808 AmdK7 - ok
06:34:55.0324 7808 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
06:34:55.0406 7808 AmdK8 - ok
06:34:55.0435 7808 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
06:34:55.0526 7808 Appinfo - ok
06:34:55.0681 7808 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
06:34:55.0704 7808 arc - ok
06:34:55.0732 7808 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
06:34:55.0755 7808 arcsas - ok
06:34:55.0779 7808 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
06:34:55.0855 7808 AsyncMac - ok
06:34:55.0885 7808 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
06:34:55.0904 7808 atapi - ok
06:34:55.0966 7808 [ 600EFE56F37ADBD65A0FB076B50D1B8D ] athr C:\Windows\system32\DRIVERS\athr.sys
06:34:56.0222 7808 athr - ok
06:34:56.0336 7808 [ 44FA26470D4C8123CCF71F4200B782D3 ] athrusb C:\Windows\system32\DRIVERS\athrusb.sys
06:34:56.0493 7808 athrusb - ok
06:34:56.0543 7808 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:34:56.0647 7808 AudioEndpointBuilder - ok
06:34:56.0676 7808 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
06:34:56.0723 7808 Audiosrv - ok
06:34:56.0754 7808 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
06:34:56.0829 7808 Beep - ok
06:34:56.0859 7808 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
06:34:56.0927 7808 BFE - ok
06:34:57.0029 7808 [ 76154FA6A742C613B44BB636B1A7C057 ] BHDrvx86 C:\Windows\System32\Drivers\NIS\1008030.006\BHDrvx86.sys
06:34:57.0130 7808 BHDrvx86 - ok
06:34:57.0222 7808 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
06:34:57.0335 7808 BITS - ok
06:34:57.0428 7808 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
06:34:57.0523 7808 blbdrive - ok
06:34:57.0550 7808 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
06:34:57.0635 7808 bowser - ok
06:34:57.0675 7808 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
06:34:57.0723 7808 BrFiltLo - ok
06:34:57.0750 7808 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
06:34:57.0810 7808 BrFiltUp - ok
06:34:57.0849 7808 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
06:34:57.0907 7808 Browser - ok
06:34:57.0929 7808 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
06:34:58.0181 7808 Brserid - ok
06:34:58.0236 7808 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
06:34:58.0353 7808 BrSerWdm - ok
06:34:58.0459 7808 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
06:34:58.0572 7808 BrUsbMdm - ok
06:34:58.0598 7808 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
06:34:58.0709 7808 BrUsbSer - ok
06:34:58.0760 7808 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
06:34:58.0917 7808 BTHMODEM - ok
06:34:58.0953 7808 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\Windows\system32\drivers\BVRPMPR5.SYS
06:34:58.0966 7808 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
06:34:58.0966 7808 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
06:34:59.0074 7808 catchme - ok
06:34:59.0128 7808 [ 3182B846490DC4D71FABD4A8CB6B73EA ] ccHP C:\Windows\System32\Drivers\NIS\1008030.006\ccHPx86.sys
06:34:59.0186 7808 ccHP - ok
06:34:59.0206 7808 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
06:34:59.0273 7808 cdfs - ok
06:34:59.0390 7808 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
06:34:59.0444 7808 cdrom - ok
06:34:59.0480 7808 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
06:34:59.0528 7808 CertPropSvc - ok
06:34:59.0581 7808 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
06:34:59.0635 7808 circlass - ok
06:34:59.0747 7808 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
06:34:59.0780 7808 CLFS - ok
06:34:59.0880 7808 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:34:59.0902 7808 clr_optimization_v2.0.50727_32 - ok
06:34:59.0995 7808 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:35:00.0059 7808 clr_optimization_v4.0.30319_32 - ok
06:35:00.0186 7808 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
06:35:00.0254 7808 CmBatt - ok
06:35:00.0275 7808 [ D36372A6EA6805EFBE8884D10772313F ] cmdide C:\Windows\system32\drivers\cmdide.sys
06:35:00.0294 7808 cmdide - ok
06:35:00.0326 7808 [ 1ADF6F4852E7D7E2E8AC481BDB970586 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
06:35:00.0415 7808 CnxtHdAudService - ok
06:35:00.0500 7808 [ 7795F8CEBC284A426B53F541E538695F ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
06:35:00.0529 7808 Com4QLBEx - ok
06:35:00.0551 7808 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
06:35:00.0570 7808 Compbatt - ok
06:35:00.0582 7808 COMSysApp - ok
06:35:00.0606 7808 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
06:35:00.0626 7808 crcdisk - ok
06:35:00.0657 7808 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
06:35:00.0725 7808 Crusoe - ok
06:35:00.0765 7808 [ FB27772BEAF8E1D28CCD825C09DA939B ] CryptSvc C:\Windows\system32\cryptsvc.dll
06:35:00.0825 7808 CryptSvc - ok
06:35:00.0960 7808 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
06:35:01.0040 7808 DcomLaunch - ok
06:35:01.0085 7808 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
06:35:01.0130 7808 DfsC - ok
06:35:01.0269 7808 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
06:35:01.0709 7808 DFSR - ok
06:35:01.0836 7808 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
06:35:01.0972 7808 Dhcp - ok
06:35:02.0003 7808 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
06:35:02.0026 7808 disk - ok
06:35:02.0066 7808 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
06:35:02.0118 7808 Dnscache - ok
06:35:02.0148 7808 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
06:35:02.0284 7808 dot3svc - ok
06:35:02.0548 7808 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
06:35:02.0727 7808 DPS - ok
06:35:02.0755 7808 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
06:35:02.0797 7808 drmkaud - ok
06:35:02.0849 7808 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
06:35:02.0910 7808 DXGKrnl - ok
06:35:02.0959 7808 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
06:35:03.0051 7808 E1G60 - ok
06:35:03.0084 7808 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
06:35:03.0181 7808 EapHost - ok
06:35:03.0283 7808 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
06:35:03.0311 7808 Ecache - ok
06:35:03.0368 7808 [ 70AEAC5D481B2904B40F2173E280B1B5 ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
06:35:03.0450 7808 eeCtrl - ok
06:35:03.0610 7808 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
06:35:03.0770 7808 ehRecvr - ok
06:35:03.0837 7808 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
06:35:03.0965 7808 ehSched - ok
06:35:04.0006 7808 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
06:35:04.0037 7808 ehstart - ok
06:35:04.0081 7808 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
06:35:04.0133 7808 elxstor - ok
06:35:04.0183 7808 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
06:35:04.0411 7808 EMDMgmt - ok
06:35:04.0533 7808 [ EC6A73CD8413F68655E5E0B99C415A21 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
06:35:04.0561 7808 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
06:35:04.0561 7808 EPSON_EB_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
06:35:04.0581 7808 [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
06:35:04.0607 7808 EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
06:35:04.0608 7808 EPSON_PM_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
06:35:04.0637 7808 [ 00BD6FC4A873D3341DCF9AEF2D3C841E ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
06:35:04.0658 7808 EraserUtilRebootDrv - ok
06:35:04.0753 7808 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
06:35:04.0815 7808 ErrDev - ok
06:35:04.0866 7808 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
06:35:04.0920 7808 EventSystem - ok
06:35:04.0985 7808 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
06:35:05.0114 7808 exfat - ok
06:35:05.0174 7808 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
06:35:05.0230 7808 fastfat - ok
06:35:05.0265 7808 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
06:35:05.0322 7808 fdc - ok
06:35:05.0351 7808 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
06:35:05.0408 7808 fdPHost - ok
06:35:05.0422 7808 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
06:35:05.0547 7808 FDResPub - ok
06:35:05.0567 7808 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
06:35:05.0598 7808 FileInfo - ok
06:35:05.0677 7808 [ 8A231081166D912D5EF4E525F5A1CB7B ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys
06:35:05.0696 7808 FileMonitor - ok
06:35:05.0788 7808 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
06:35:05.0850 7808 Filetrace - ok
06:35:05.0866 7808 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
06:35:05.0932 7808 flpydisk - ok
06:35:05.0965 7808 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
06:35:05.0994 7808 FltMgr - ok
06:35:06.0044 7808 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
06:35:06.0142 7808 FontCache - ok
06:35:06.0276 7808 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
06:35:06.0295 7808 FontCache3.0.0.0 - ok
06:35:06.0348 7808 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
06:35:06.0397 7808 Fs_Rec - ok
06:35:06.0426 7808 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
06:35:06.0447 7808 gagp30kx - ok
06:35:06.0503 7808 [ 617DC2877015270914CA3C03873560D5 ] GameConsoleService C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
06:35:06.0527 7808 GameConsoleService - ok
06:35:06.0571 7808 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
06:35:06.0674 7808 gpsvc - ok
06:35:06.0823 7808 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
06:35:06.0849 7808 gusvc - ok
06:35:06.0964 7808 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:35:07.0109 7808 HdAudAddService - ok
06:35:07.0154 7808 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
06:35:07.0239 7808 HDAudBus - ok
06:35:07.0331 7808 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
06:35:07.0437 7808 HidBth - ok
06:35:07.0455 7808 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
06:35:07.0561 7808 HidIr - ok
06:35:07.0680 7808 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
06:35:07.0747 7808 hidserv - ok
06:35:07.0778 7808 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
06:35:07.0826 7808 HidUsb - ok
06:35:07.0892 7808 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
06:35:07.0956 7808 hkmsvc - ok
06:35:07.0995 7808 [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
06:35:08.0009 7808 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
06:35:08.0009 7808 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
06:35:08.0036 7808 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
06:35:08.0056 7808 HpCISSs - ok
06:35:08.0090 7808 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
06:35:08.0146 7808 HpqKbFiltr - ok
06:35:08.0202 7808 [ 1665C7121A026DF10C903DB9BC5E9D43 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
06:35:08.0224 7808 hpqwmiex - ok
06:35:08.0276 7808 [ CC267848CB3508E72762BE65734E764D ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
06:35:08.0413 7808 HSF_DPV - ok
06:35:08.0473 7808 [ A2882945CC4B6E3E4E9E825590438888 ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
06:35:08.0515 7808 HSXHWAZL - ok
06:35:08.0627 7808 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
06:35:08.0823 7808 HTTP - ok
06:35:08.0909 7808 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
06:35:08.0929 7808 i2omp - ok
06:35:08.0957 7808 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
06:35:09.0009 7808 i8042prt - ok
06:35:09.0113 7808 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
06:35:09.0144 7808 iaStorV - ok
06:35:09.0216 7808 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
06:35:09.0234 7808 IDriverT ( UnsignedFile.Multi.Generic ) - warning
06:35:09.0234 7808 IDriverT - detected UnsignedFile.Multi.Generic (1)
06:35:09.0333 7808 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
06:35:09.0421 7808 idsvc - ok
06:35:09.0623 7808 [ 1B7363491BBBC1DCA7C7E48B30A5658B ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090709.001\IDSvix86.sys
06:35:09.0653 7808 IDSVix86 - ok
06:35:09.0677 7808 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
06:35:09.0697 7808 iirsp - ok
06:35:09.0741 7808 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
06:35:09.0824 7808 IKEEXT - ok
06:35:09.0877 7808 [ F36A072F5D7DDF5CFADDB8FD384D6C65 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
06:35:09.0957 7808 IMFservice - ok
06:35:09.0988 7808 [ DD512A049BD7B4BCE8A83554C5EFF2C1 ] intelide C:\Windows\system32\drivers\intelide.sys
06:35:10.0009 7808 intelide - ok
06:35:10.0037 7808 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
06:35:10.0095 7808 intelppm - ok
06:35:10.0128 7808 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
06:35:10.0200 7808 IPBusEnum - ok
06:35:10.0226 7808 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:35:10.0293 7808 IpFilterDriver - ok
06:35:10.0328 7808 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
06:35:10.0422 7808 iphlpsvc - ok
06:35:10.0433 7808 IpInIp - ok
06:35:10.0470 7808 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
06:35:10.0540 7808 IPMIDRV - ok
06:35:10.0605 7808 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
06:35:10.0660 7808 IPNAT - ok
06:35:10.0751 7808 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
06:35:10.0815 7808 IRENUM - ok
06:35:10.0838 7808 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
06:35:10.0860 7808 isapnp - ok
06:35:10.0900 7808 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
06:35:10.0930 7808 iScsiPrt - ok
06:35:10.0949 7808 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
06:35:10.0969 7808 iteatapi - ok
06:35:10.0989 7808 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
06:35:11.0008 7808 iteraid - ok
06:35:11.0033 7808 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
06:35:11.0053 7808 kbdclass - ok
06:35:11.0145 7808 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
06:35:11.0205 7808 kbdhid - ok
06:35:11.0236 7808 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
06:35:11.0333 7808 KeyIso - ok
06:35:11.0406 7808 [ 2B2F1638466E8CB091400C9019CC730E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
06:35:11.0451 7808 KSecDD - ok
06:35:11.0549 7808 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
06:35:11.0668 7808 KtmRm - ok
06:35:11.0772 7808 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
06:35:11.0841 7808 LanmanServer - ok
06:35:11.0947 7808 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:35:12.0011 7808 LanmanWorkstation - ok
06:35:12.0137 7808 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
06:35:12.0167 7808 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
06:35:12.0167 7808 LightScribeService - detected UnsignedFile.Multi.Generic (1)
06:35:12.0201 7808 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
06:35:12.0269 7808 lltdio - ok
06:35:12.0327 7808 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
06:35:12.0410 7808 lltdsvc - ok
06:35:12.0437 7808 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
06:35:12.0551 7808 lmhosts - ok
06:35:12.0795 7808 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
06:35:12.0844 7808 LSI_FC - ok
06:35:12.0912 7808 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
06:35:12.0935 7808 LSI_SAS - ok
06:35:12.0949 7808 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
06:35:12.0971 7808 LSI_SCSI - ok
06:35:12.0989 7808 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
06:35:13.0052 7808 luafv - ok
06:35:13.0097 7808 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
06:35:13.0157 7808 Mcx2Svc - ok
06:35:13.0186 7808 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
06:35:13.0243 7808 mdmxsdk - ok
06:35:13.0284 7808 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
06:35:13.0303 7808 megasas - ok
06:35:13.0340 7808 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
06:35:13.0382 7808 MegaSR - ok
06:35:13.0475 7808 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
06:35:13.0536 7808 MMCSS - ok
06:35:13.0558 7808 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
06:35:13.0665 7808 Modem - ok
06:35:13.0699 7808 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
06:35:13.0758 7808 monitor - ok
06:35:13.0775 7808 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
06:35:13.0795 7808 mouclass - ok
06:35:13.0814 7808 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\drivers\mouhid.sys
06:35:13.0868 7808 mouhid - ok
06:35:13.0957 7808 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
06:35:13.0979 7808 MountMgr - ok
06:35:14.0042 7808 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
06:35:14.0065 7808 MozillaMaintenance - ok
06:35:14.0083 7808 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
06:35:14.0106 7808 mpio - ok
06:35:14.0122 7808 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
06:35:14.0178 7808 mpsdrv - ok
06:35:14.0225 7808 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
06:35:14.0315 7808 MpsSvc - ok
06:35:14.0397 7808 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
06:35:14.0416 7808 Mraid35x - ok
06:35:14.0474 7808 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
06:35:14.0531 7808 MRxDAV - ok
06:35:14.0659 7808 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
06:35:14.0743 7808 mrxsmb - ok
06:35:14.0806 7808 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:35:14.0848 7808 mrxsmb10 - ok
06:35:14.0872 7808 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:35:14.0900 7808 mrxsmb20 - ok
06:35:14.0931 7808 [ AA305CFF241DA187BD5077DE4A2A043D ] msahci C:\Windows\system32\drivers\msahci.sys
06:35:14.0950 7808 msahci - ok
06:35:14.0965 7808 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
06:35:14.0988 7808 msdsm - ok
06:35:15.0102 7808 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
06:35:15.0161 7808 MSDTC - ok
06:35:15.0270 7808 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
06:35:15.0339 7808 Msfs - ok
06:35:15.0351 7808 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
06:35:15.0370 7808 msisadrv - ok
06:35:15.0418 7808 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
06:35:15.0497 7808 MSiSCSI - ok
06:35:15.0593 7808 msiserver - ok
06:35:15.0634 7808 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
06:35:15.0689 7808 MSKSSRV - ok
06:35:15.0717 7808 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
06:35:15.0780 7808 MSPCLOCK - ok
06:35:15.0797 7808 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
06:35:15.0858 7808 MSPQM - ok
06:35:15.0896 7808 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
06:35:15.0927 7808 MsRPC - ok
06:35:15.0946 7808 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
06:35:15.0966 7808 mssmbios - ok
06:35:15.0984 7808 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
06:35:16.0039 7808 MSTEE - ok
06:35:16.0060 7808 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
06:35:16.0083 7808 Mup - ok
06:35:16.0129 7808 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
06:35:16.0197 7808 napagent - ok
06:35:16.0312 7808 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
06:35:16.0356 7808 NativeWifiP - ok
06:35:16.0405 7808 NAVENG - ok
06:35:16.0414 7808 NAVEX15 - ok
06:35:16.0462 7808 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
06:35:16.0518 7808 NDIS - ok
06:35:16.0588 7808 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
06:35:16.0655 7808 NdisTapi - ok
06:35:16.0681 7808 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
06:35:16.0734 7808 Ndisuio - ok
06:35:16.0765 7808 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
06:35:16.0816 7808 NdisWan - ok
06:35:16.0910 7808 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
06:35:16.0952 7808 NDProxy - ok
06:35:16.0973 7808 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
06:35:17.0036 7808 NetBIOS - ok
06:35:17.0082 7808 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
06:35:17.0128 7808 netbt - ok
06:35:17.0199 7808 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
06:35:17.0224 7808 Netlogon - ok
06:35:17.0254 7808 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
06:35:17.0328 7808 Netman - ok
06:35:17.0353 7808 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
06:35:17.0432 7808 netprofm - ok
06:35:17.0464 7808 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
06:35:17.0485 7808 NetTcpPortSharing - ok
06:35:17.0720 7808 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
06:35:17.0955 7808 NETw3v32 - ok
06:35:18.0017 7808 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
06:35:18.0037 7808 nfrd960 - ok
06:35:18.0114 7808 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
06:35:18.0183 7808 NlaSvc - ok
06:35:18.0256 7808 [ 64C89DB40949FD0E7C8FF303676A91F1 ] Norton Internet Security C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
06:35:18.0276 7808 Norton Internet Security - ok
06:35:18.0316 7808 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
06:35:18.0376 7808 Npfs - ok
06:35:18.0464 7808 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
06:35:18.0520 7808 nsi - ok
06:35:18.0553 7808 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
06:35:18.0665 7808 nsiproxy - ok
06:35:18.0722 7808 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
06:35:18.0814 7808 Ntfs - ok
06:35:18.0853 7808 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
06:35:18.0962 7808 ntrigdigi - ok
06:35:18.0986 7808 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
06:35:19.0052 7808 Null - ok
06:35:19.0114 7808 [ AE78A7285DF03A277415FC62F8CE8F24 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys
06:35:19.0191 7808 NVENETFD - ok
06:35:19.0308 7808 [ B0DD52428BF564F5FC5EE331060BE2A6 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
06:35:19.0325 7808 NVHDA - ok
06:35:19.0652 7808 [ 9DAC05D828E56801FD6CE5FDFCED64AF ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
06:35:20.0268 7808 nvlddmkm - ok
06:35:20.0314 7808 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
06:35:20.0338 7808 nvraid - ok
06:35:20.0372 7808 [ 0FB6BF3AB170FC5BD403D25E134EAFDE ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
06:35:20.0433 7808 nvsmu - ok
06:35:20.0478 7808 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
06:35:20.0499 7808 nvstor - ok
06:35:20.0538 7808 [ 51E7F2C26B6ECE61C5241F1F731EAB2B ] nvsvc C:\Windows\system32\nvvsvc.exe
06:35:20.0567 7808 nvsvc - ok
06:35:20.0679 7808 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
06:35:20.0704 7808 nv_agp - ok
06:35:20.0714 7808 NwlnkFlt - ok
06:35:20.0728 7808 NwlnkFwd - ok
06:35:20.0882 7808 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
06:35:20.0924 7808 odserv - ok
06:35:20.0970 7808 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
06:35:21.0060 7808 ohci1394 - ok
06:35:21.0098 7808 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:35:21.0120 7808 ose - ok
06:35:21.0226 7808 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
06:35:21.0326 7808 p2pimsvc - ok
06:35:21.0415 7808 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
06:35:21.0463 7808 p2psvc - ok
06:35:21.0553 7808 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
06:35:21.0678 7808 Parport - ok
06:35:21.0715 7808 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
06:35:21.0740 7808 partmgr - ok
06:35:21.0759 7808 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
06:35:21.0868 7808 Parvdm - ok
06:35:21.0952 7808 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
06:35:22.0037 7808 PcaSvc - ok
06:35:22.0134 7808 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
06:35:22.0162 7808 pci - ok
06:35:22.0182 7808 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
06:35:22.0203 7808 pciide - ok
06:35:22.0263 7808 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
06:35:22.0291 7808 pcmcia - ok
06:35:22.0370 7808 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
06:35:22.0530 7808 PEAUTH - ok
06:35:22.0713 7808 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
06:35:22.0890 7808 pla - ok
06:35:23.0101 7808 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
06:35:23.0279 7808 PlugPlay - ok
06:35:23.0336 7808 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
06:35:23.0383 7808 PNRPAutoReg - ok
06:35:23.0470 7808 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
06:35:23.0519 7808 PNRPsvc - ok
06:35:23.0658 7808 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
06:35:23.0732 7808 PolicyAgent - ok
06:35:23.0834 7808 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
06:35:23.0905 7808 PptpMiniport - ok
06:35:23.0983 7808 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys
06:35:24.0133 7808 Processor - ok
06:35:24.0172 7808 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
06:35:24.0221 7808 ProfSvc - ok
06:35:24.0240 7808 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
06:35:24.0303 7808 ProtectedStorage - ok
06:35:24.0388 7808 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
06:35:24.0430 7808 PSched - ok
06:35:24.0560 7808 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
06:35:24.0713 7808 ql2300 - ok
06:35:24.0806 7808 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
06:35:24.0832 7808 ql40xx - ok
06:35:24.0950 7808 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
06:35:25.0006 7808 QWAVE - ok
06:35:25.0024 7808 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
06:35:25.0052 7808 QWAVEdrv - ok
06:35:25.0122 7808 [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
06:35:25.0181 7808 RapiMgr - ok
06:35:25.0275 7808 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
06:35:25.0329 7808 RasAcd - ok
06:35:25.0356 7808 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
06:35:25.0428 7808 RasAuto - ok
06:35:25.0474 7808 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
06:35:25.0554 7808 Rasl2tp - ok
06:35:25.0594 7808 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
06:35:25.0662 7808 RasMan - ok
06:35:25.0765 7808 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
06:35:25.0808 7808 RasPppoe - ok
06:35:25.0841 7808 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
06:35:25.0869 7808 RasSstp - ok
06:35:25.0911 7808 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
06:35:25.0960 7808 rdbss - ok
06:35:25.0994 7808 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
06:35:26.0048 7808 RDPCDD - ok
06:35:26.0129 7808 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
06:35:26.0192 7808 rdpdr - ok
06:35:26.0202 7808 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
06:35:26.0292 7808 RDPENCDD - ok
06:35:26.0359 7808 [ 30BFBDFB7F95559EDE971F9DDB9A00BA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
06:35:26.0450 7808 RDPWD - ok
06:35:26.0585 7808 [ 0D362785BEF9BDF5A6E1F4628D06716D ] Recovery Service for Windows C:\Program Files\SMINST\BLService.exe
06:35:26.0673 7808 Recovery Service for Windows - ok
06:35:26.0719 7808 [ 6799A96873BF74F5C640B02CA04AA50C ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys
06:35:26.0737 7808 RegFilter - ok
06:35:26.0837 7808 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
06:35:26.0897 7808 RemoteAccess - ok
06:35:26.0939 7808 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
06:35:27.0001 7808 RemoteRegistry - ok
06:35:27.0119 7808 [ A1E255CC092CB760753969F4BC3F51E3 ] Response Hardware C:\Program Files\SMART Technologies\SMART Response\ResponseHardwareService.exe
06:35:27.0137 7808 Response Hardware - ok
06:35:27.0193 7808 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
06:35:27.0232 7808 RichVideo ( UnsignedFile.Multi.Generic ) - warning
06:35:27.0232 7808 RichVideo - detected UnsignedFile.Multi.Generic (1)
06:35:27.0258 7808 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
06:35:27.0334 7808 RpcLocator - ok
06:35:27.0401 7808 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
06:35:27.0459 7808 RpcSs - ok
06:35:27.0551 7808 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
06:35:27.0609 7808 rspndr - ok
06:35:27.0647 7808 [ 8DAB5975B5C7923D61506A48E251DBAD ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
06:35:27.0710 7808 RTSTOR - ok
06:35:27.0750 7808 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
06:35:27.0775 7808 SamSs - ok
06:35:27.0898 7808 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
06:35:27.0915 7808 SASDIFSV - ok
06:35:27.0929 7808 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
06:35:27.0948 7808 SASKUTIL - ok
06:35:27.0980 7808 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
06:35:28.0003 7808 sbp2port - ok
06:35:28.0036 7808 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
06:35:28.0096 7808 SCardSvr - ok
06:35:28.0141 7808 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
06:35:28.0280 7808 Schedule - ok
06:35:28.0375 7808 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
06:35:28.0417 7808 SCPolicySvc - ok
06:35:28.0473 7808 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
06:35:28.0561 7808 sdbus - ok
06:35:28.0673 7808 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
06:35:28.0750 7808 SDRSVC - ok
06:35:28.0773 7808 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
06:35:28.0881 7808 secdrv - ok
06:35:34.0411 7808 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
06:35:34.0536 7808 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
06:35:34.0537 7808 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
06:35:46.0787 7808 ================ Scan global ===============================
06:35:46.0843 7808 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
06:35:46.0891 7808 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
06:35:46.0936 7808 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
06:35:46.0985 7808 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
06:35:46.0999 7808 [Global] - ok
06:35:47.0000 7808 ================ Scan MBR ==================================
06:35:47.0011 7808 [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
06:35:47.0421 7808 \Device\Harddisk0\DR0 - ok
06:35:47.0422 7808 ================ Scan VBR ==================================
06:35:47.0429 7808 [ 34B2549E0F0DE0F0E628362E6FFB157C ] \Device\Harddisk0\DR0\Partition1
06:35:47.0433 7808 \Device\Harddisk0\DR0\Partition1 - ok
06:35:47.0442 7808 [ 956E4B6C738615C5520A4AEAA9F9A63A ] \Device\Harddisk0\DR0\Partition2
06:35:47.0445 7808 \Device\Harddisk0\DR0\Partition2 - ok
06:35:47.0448 7808 ============================================================
06:35:47.0448 7808 Scan finished
06:35:47.0448 7808 ============================================================
06:35:47.0479 7784 Detected object count: 8
06:35:47.0479 7784 Actual detected object count: 8
06:36:04.0681 7784 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
06:36:04.0681 7784 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:36:04.0682 7784 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
06:36:04.0682 7784 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:36:04.0690 7784 EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
06:36:04.0690 7784 EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:36:04.0691 7784 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
06:36:04.0691 7784 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:36:04.0706 7784 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
06:36:04.0706 7784 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:36:04.0716 7784 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
06:36:04.0716 7784 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:36:04.0723 7784 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
06:36:04.0723 7784 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:36:04.0729 7784 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
06:36:04.0729 7784 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:45:00.0505 7616 ============================================================
11:45:00.0505 7616 Scan started
11:45:00.0505 7616 Mode: Manual; SigCheck; TDLFS;
11:45:00.0505 7616 ============================================================
11:45:05.0310 7616 ================ Scan system memory ========================
11:45:05.0310 7616 System memory - ok
11:45:05.0311 7616 ================ Scan services =============================
11:45:09.0624 7616 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\Windows\system32\drivers\BVRPMPR5.SYS
11:45:09.0639 7616 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
11:45:09.0639 7616 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
11:45:14.0162 7616 [ EC6A73CD8413F68655E5E0B99C415A21 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
11:45:14.0178 7616 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
11:45:14.0179 7616 EPSON_EB_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
11:45:14.0197 7616 [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
11:45:14.0211 7616 EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
11:45:14.0211 7616 EPSON_PM_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
11:45:16.0945 7616 [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
11:45:16.0959 7616 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
11:45:16.0960 7616 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
11:45:16.0975 7616 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:45:16.0995 7616 HpCISSs - ok
11:45:17.0029 7616 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:45:17.0074 7616 HpqKbFiltr - ok
11:45:17.0130 7616 [ 1665C7121A026DF10C903DB9BC5E9D43 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
11:45:17.0152 7616 hpqwmiex - ok
11:45:17.0204 7616 [ CC267848CB3508E72762BE65734E764D ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
11:45:17.0300 7616 HSF_DPV - ok
11:45:17.0335 7616 [ A2882945CC4B6E3E4E9E825590438888 ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
11:45:17.0445 7616 HSXHWAZL - ok
11:45:17.0488 7616 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:45:17.0551 7616 HTTP - ok
11:45:17.0615 7616 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:45:17.0635 7616 i2omp - ok
11:45:17.0652 7616 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:45:17.0694 7616 i8042prt - ok
11:45:17.0719 7616 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:45:17.0750 7616 iaStorV - ok
11:45:17.0811 7616 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:45:17.0827 7616 IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:45:17.0827 7616 IDriverT - detected UnsignedFile.Multi.Generic (1)
11:45:17.0929 7616 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:45:18.0012 7616 idsvc - ok
11:45:18.0096 7616 [ 1B7363491BBBC1DCA7C7E48B30A5658B ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090709.001\IDSvix86.sys
11:45:18.0126 7616 IDSVix86 - ok
11:45:18.0150 7616 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:45:18.0170 7616 iirsp - ok
11:45:18.0215 7616 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
11:45:18.0282 7616 IKEEXT - ok
11:45:18.0338 7616 [ F36A072F5D7DDF5CFADDB8FD384D6C65 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
11:45:18.0409 7616 IMFservice - ok
11:45:18.0450 7616 [ DD512A049BD7B4BCE8A83554C5EFF2C1 ] intelide C:\Windows\system32\drivers\intelide.sys
11:45:18.0469 7616 intelide - ok
11:45:18.0488 7616 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:45:18.0542 7616 intelppm - ok
11:45:18.0579 7616 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:45:18.0638 7616 IPBusEnum - ok
11:45:18.0666 7616 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:45:18.0723 7616 IpFilterDriver - ok
11:45:18.0756 7616 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:45:18.0818 7616 iphlpsvc - ok
11:45:18.0828 7616 IpInIp - ok
11:45:18.0865 7616 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:45:18.0921 7616 IPMIDRV - ok
11:45:18.0955 7616 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:45:19.0013 7616 IPNAT - ok
11:45:19.0045 7616 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:45:19.0098 7616 IRENUM - ok
11:45:19.0122 7616 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:45:19.0143 7616 isapnp - ok
11:45:19.0184 7616 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:45:19.0213 7616 iScsiPrt - ok
11:45:19.0233 7616 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:45:19.0252 7616 iteatapi - ok
11:45:19.0273 7616 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:45:19.0294 7616 iteraid - ok
11:45:19.0317 7616 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:45:19.0335 7616 kbdclass - ok
11:45:19.0351 7616 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:45:19.0406 7616 kbdhid - ok
11:45:19.0431 7616 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
11:45:19.0494 7616 KeyIso - ok
11:45:19.0567 7616 [ 2B2F1638466E8CB091400C9019CC730E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:45:19.0612 7616 KSecDD - ok
11:45:19.0711 7616 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:45:19.0786 7616 KtmRm - ok
11:45:19.0822 7616 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
11:45:19.0855 7616 LanmanServer - ok
11:45:19.0887 7616 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:45:19.0940 7616 LanmanWorkstation - ok
11:45:19.0987 7616 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:45:20.0000 7616 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
11:45:20.0000 7616 LightScribeService - detected UnsignedFile.Multi.Generic (1)
11:45:20.0030 7616 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:45:20.0085 7616 lltdio - ok
11:45:20.0133 7616 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:45:20.0197 7616 lltdsvc - ok
11:45:20.0232 7616 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:45:20.0328 7616 lmhosts - ok
11:45:20.0413 7616 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:45:20.0437 7616 LSI_FC - ok
11:45:20.0463 7616 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:45:20.0486 7616 LSI_SAS - ok
11:45:20.0499 7616 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:45:20.0523 7616 LSI_SCSI - ok
11:45:20.0541 7616 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
11:45:20.0598 7616 luafv - ok
11:45:20.0637 7616 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:45:20.0664 7616 Mcx2Svc - ok
11:45:20.0704 7616 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
11:45:20.0726 7616 mdmxsdk - ok
11:45:20.0746 7616 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
11:45:20.0766 7616 megasas - ok
11:45:20.0790 7616 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
11:45:20.0832 7616 MegaSR - ok
11:45:20.0926 7616 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
11:45:20.0997 7616 MMCSS - ok
11:45:21.0187 7616 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
11:45:21.0282 7616 Modem - ok
11:45:21.0328 7616 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:45:21.0382 7616 monitor - ok
11:45:21.0404 7616 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:45:21.0424 7616 mouclass - ok
11:45:21.0443 7616 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\drivers\mouhid.sys
11:45:21.0500 7616 mouhid - ok
11:45:21.0519 7616 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
11:45:21.0541 7616 MountMgr - ok
11:45:21.0582 7616 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:45:21.0605 7616 MozillaMaintenance - ok
11:45:21.0622 7616 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
11:45:21.0646 7616 mpio - ok
11:45:21.0662 7616 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:45:21.0703 7616 mpsdrv - ok
11:45:21.0743 7616 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
11:45:21.0812 7616 MpsSvc - ok
11:45:21.0837 7616 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
11:45:21.0856 7616 Mraid35x - ok
11:45:21.0913 7616 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:45:21.0946 7616 MRxDAV - ok
11:45:21.0999 7616 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:45:22.0051 7616 mrxsmb - ok
11:45:22.0102 7616 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:45:22.0135 7616 mrxsmb10 - ok
11:45:22.0156 7616 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:45:22.0185 7616 mrxsmb20 - ok
11:45:22.0226 7616 [ AA305CFF241DA187BD5077DE4A2A043D ] msahci C:\Windows\system32\drivers\msahci.sys
11:45:22.0246 7616 msahci - ok
11:45:22.0272 7616 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:45:22.0295 7616 msdsm - ok
11:45:22.0332 7616 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
11:45:22.0391 7616 MSDTC - ok
11:45:22.0421 7616 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:45:22.0480 7616 Msfs - ok
11:45:22.0501 7616 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:45:22.0519 7616 msisadrv - ok
11:45:22.0587 7616 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:45:22.0653 7616 MSiSCSI - ok
11:45:22.0677 7616 msiserver - ok
11:45:22.0719 7616 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:45:22.0772 7616 MSKSSRV - ok
11:45:22.0801 7616 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:45:22.0856 7616 MSPCLOCK - ok
11:45:22.0881 7616 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:45:22.0935 7616 MSPQM - ok
11:45:22.0970 7616 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:45:22.0999 7616 MsRPC - ok
11:45:23.0028 7616 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:45:23.0050 7616 mssmbios - ok
11:45:23.0068 7616 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:45:23.0123 7616 MSTEE - ok
11:45:23.0145 7616 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
11:45:23.0168 7616 Mup - ok
11:45:23.0214 7616 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
11:45:23.0280 7616 napagent - ok
11:45:23.0320 7616 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:45:23.0372 7616 NativeWifiP - ok
11:45:23.0433 7616 NAVENG - ok
11:45:23.0444 7616 NAVEX15 - ok
11:45:23.0513 7616 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:45:23.0555 7616 NDIS - ok
11:45:23.0639 7616 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:45:23.0681 7616 NdisTapi - ok
11:45:23.0709 7616 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:45:23.0772 7616 Ndisuio - ok
11:45:23.0815 7616 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:45:23.0860 7616 NdisWan - ok
11:45:23.0894 7616 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:45:23.0938 7616 NDProxy - ok
11:45:23.0969 7616 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:45:24.0026 7616 NetBIOS - ok
11:45:24.0078 7616 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
11:45:24.0136 7616 netbt - ok
11:45:24.0162 7616 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
11:45:24.0187 7616 Netlogon - ok
11:45:24.0236 7616 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
11:45:24.0325 7616 Netman - ok
11:45:24.0618 7616 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
11:45:24.0949 7616 netprofm - ok
11:45:25.0015 7616 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:45:25.0114 7616 NetTcpPortSharing - ok
11:45:25.0249 7616 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
11:45:25.0445 7616 NETw3v32 - ok
11:45:25.0512 7616 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:45:25.0535 7616 nfrd960 - ok
11:45:25.0576 7616 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:45:25.0638 7616 NlaSvc - ok
11:45:25.0706 7616 [ 64C89DB40949FD0E7C8FF303676A91F1 ] Norton Internet Security C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
11:45:25.0728 7616 Norton Internet Security - ok
11:45:25.0764 7616 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:45:25.0809 7616 Npfs - ok
11:45:25.0837 7616 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
11:45:25.0893 7616 nsi - ok
11:45:25.0926 7616 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:45:25.0981 7616 nsiproxy - ok
11:45:26.0052 7616 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:45:26.0150 7616 Ntfs - ok
11:45:26.0214 7616 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
11:45:26.0320 7616 ntrigdigi - ok
11:45:26.0359 7616 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
11:45:26.0417 7616 Null - ok
11:45:26.0649 7616 [ AE78A7285DF03A277415FC62F8CE8F24 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys
11:45:27.0352 7616 NVENETFD - ok
11:45:27.0547 7616 [ B0DD52428BF564F5FC5EE331060BE2A6 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
11:45:27.0575 7616 NVHDA - ok
11:45:27.0943 7616 [ 9DAC05D828E56801FD6CE5FDFCED64AF ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:45:28.0605 7616 nvlddmkm - ok
11:45:28.0642 7616 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:45:28.0666 7616 nvraid - ok
11:45:28.0712 7616 [ 0FB6BF3AB170FC5BD403D25E134EAFDE ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
11:45:28.0761 7616 nvsmu - ok
11:45:28.0818 7616 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:45:28.0839 7616 nvstor - ok
11:45:28.0933 7616 [ 51E7F2C26B6ECE61C5241F1F731EAB2B ] nvsvc C:\Windows\system32\nvvsvc.exe
11:45:28.0961 7616 nvsvc - ok
11:45:28.0999 7616 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:45:29.0033 7616 nv_agp - ok
11:45:29.0100 7616 NwlnkFlt - ok
11:45:29.0154 7616 NwlnkFwd - ok
11:45:29.0232 7616 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:45:29.0271 7616 odserv - ok
11:45:29.0343 7616 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:45:29.0408 7616 ohci1394 - ok
11:45:29.0481 7616 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:45:29.0505 7616 ose - ok
11:45:29.0566 7616 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
11:45:29.0843 7616 p2pimsvc - ok
11:45:29.0933 7616 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
11:45:29.0985 7616 p2psvc - ok
11:45:30.0081 7616 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
11:45:30.0204 7616 Parport - ok
11:45:30.0244 7616 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:45:30.0266 7616 partmgr - ok
11:45:30.0299 7616 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
11:45:30.0395 7616 Parvdm - ok
11:45:30.0425 7616 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
11:45:30.0455 7616 PcaSvc - ok
11:45:30.0496 7616 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
11:45:30.0523 7616 pci - ok
11:45:30.0565 7616 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
11:45:30.0588 7616 pciide - ok
11:45:30.0647 7616 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:45:30.0674 7616 pcmcia - ok
11:45:30.0770 7616 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:45:31.0064 7616 PEAUTH - ok
11:45:31.0719 7616 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
11:45:31.0909 7616 pla - ok
11:45:31.0972 7616 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:45:32.0028 7616 PlugPlay - ok
11:45:32.0087 7616 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
11:45:32.0134 7616 PNRPAutoReg - ok
11:45:32.0232 7616 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
11:45:32.0280 7616 PNRPsvc - ok
11:45:32.0319 7616 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:45:32.0374 7616 PolicyAgent - ok
11:45:32.0418 7616 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:45:32.0472 7616 PptpMiniport - ok
11:45:32.0512 7616 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:45:32.0568 7616 Processor - ok
11:45:32.0600 7616 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
11:45:32.0647 7616 ProfSvc - ok
11:45:32.0668 7616 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
11:45:32.0730 7616 ProtectedStorage - ok
11:45:32.0788 7616 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
11:45:32.0831 7616 PSched - ok
11:45:32.0889 7616 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:45:33.0028 7616 ql2300 - ok
11:45:33.0090 7616 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:45:33.0118 7616 ql40xx - ok
11:45:33.0218 7616 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
11:45:33.0264 7616 QWAVE - ok
11:45:33.0292 7616 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:45:33.0324 7616 QWAVEdrv - ok
11:45:33.0399 7616 [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
11:45:33.0464 7616 RapiMgr - ok
11:45:33.0486 7616 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:45:33.0548 7616 RasAcd - ok
11:45:33.0617 7616 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
11:45:33.0679 7616 RasAuto - ok
11:45:33.0724 7616 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:45:33.0790 7616 Rasl2tp - ok
11:45:33.0846 7616 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
11:45:33.0901 7616 RasMan - ok
11:45:34.0049 7616 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:45:34.0141 7616 RasPppoe - ok
11:45:34.0169 7616 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:45:34.0199 7616 RasSstp - ok
11:45:34.0315 7616 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:45:34.0429 7616 rdbss - ok
11:45:34.0578 7616 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:45:34.0648 7616 RDPCDD - ok
11:45:34.0747 7616 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
11:45:34.0858 7616 rdpdr - ok
11:45:34.0880 7616 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:45:34.0933 7616 RDPENCDD - ok
11:45:35.0054 7616 [ 30BFBDFB7F95559EDE971F9DDB9A00BA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:45:35.0105 7616 RDPWD - ok
11:45:35.0190 7616 [ 0D362785BEF9BDF5A6E1F4628D06716D ] Recovery Service for Windows C:\Program Files\SMINST\BLService.exe
11:45:35.0224 7616 Recovery Service for Windows - ok
11:45:35.0336 7616 [ 6799A96873BF74F5C640B02CA04AA50C ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys
11:45:35.0391 7616 RegFilter - ok
11:45:35.0443 7616 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:45:35.0503 7616 RemoteAccess - ok
11:45:35.0523 7616 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:45:35.0571 7616 RemoteRegistry - ok
11:45:35.0625 7616 [ A1E255CC092CB760753969F4BC3F51E3 ] Response Hardware C:\Program Files\SMART Technologies\SMART Response\ResponseHardwareService.exe
11:45:35.0641 7616 Response Hardware - ok
11:45:35.0710 7616 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
11:45:35.0730 7616 RichVideo ( UnsignedFile.Multi.Generic ) - warning
11:45:35.0730 7616 RichVideo - detected UnsignedFile.Multi.Generic (1)
11:45:35.0764 7616 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
11:45:35.0791 7616 RpcLocator - ok
11:45:35.0907 7616 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
11:45:35.0989 7616 RpcSs - ok
11:45:36.0047 7616 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:45:36.0116 7616 rspndr - ok
11:45:36.0154 7616 [ 8DAB5975B5C7923D61506A48E251DBAD ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
11:45:36.0217 7616 RTSTOR - ok
11:45:36.0281 7616 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
11:45:36.0306 7616 SamSs - ok
11:45:36.0359 7616 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:45:36.0375 7616 SASDIFSV - ok
11:45:36.0401 7616 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:45:36.0419 7616 SASKUTIL - ok
11:45:36.0509 7616 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:45:36.0530 7616 sbp2port - ok
11:45:36.0577 7616 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:45:36.0623 7616 SCardSvr - ok
11:45:36.0680 7616 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
11:45:37.0064 7616 Schedule - ok
11:45:37.0137 7616 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:45:37.0177 7616 SCPolicySvc - ok
11:45:37.0246 7616 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
11:45:37.0392 7616 sdbus - ok
11:45:37.0512 7616 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:45:37.0723 7616 SDRSVC - ok
11:45:37.0794 7616 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:45:37.0895 7616 secdrv - ok
11:45:37.0958 7616 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
11:45:38.0014 7616 seclogon - ok
11:45:38.0049 7616 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
11:45:38.0145 7616 SENS - ok
11:45:38.0226 7616 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:45:38.0439 7616 Serenum - ok
11:45:38.0524 7616 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
11:45:38.0647 7616 Serial - ok
11:45:38.0701 7616 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:45:38.0761 7616 sermouse - ok
11:45:38.0832 7616 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
11:45:38.0892 7616 SessionEnv - ok
11:45:38.0937 7616 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:45:39.0017 7616 sffdisk - ok
11:45:39.0046 7616 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:45:39.0144 7616 sffp_mmc - ok
11:45:39.0204 7616 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:45:39.0265 7616 sffp_sd - ok
11:45:39.0298 7616 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:45:39.0432 7616 sfloppy - ok
11:45:39.0488 7616 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:45:39.0557 7616 SharedAccess - ok
11:45:39.0589 7616 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:45:39.0638 7616 ShellHWDetection - ok
11:45:39.0677 7616 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:45:39.0700 7616 sisagp - ok
11:45:39.0749 7616 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
11:45:39.0771 7616 SiSRaid2 - ok
11:45:39.0795 7616 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:45:39.0818 7616 SiSRaid4 - ok
11:45:39.0955 7616 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
11:45:40.0191 7616 slsvc - ok
11:45:40.0255 7616 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
11:45:40.0299 7616 SLUINotify - ok
11:45:40.0347 7616 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:45:40.0390 7616 Smb - ok
11:45:40.0434 7616 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:45:40.0519 7616 SNMPTRAP - ok
11:45:40.0546 7616 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
11:45:40.0566 7616 spldr - ok
11:45:40.0611 7616 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
11:45:40.0657 7616 Spooler - ok
11:45:40.0722 7616 [ E81F6CAEAB9AD5732E94C07C97866AA2 ] SRTSP C:\Windows\System32\Drivers\NIS\1008030.006\SRTSP.SYS
11:45:40.0848 7616 SRTSP - ok
11:45:40.0913 7616 [ E28DE499D942B08058BFFAC69D4122B6 ] SRTSPX C:\Windows\system32\drivers\NIS\1008030.006\SRTSPX.SYS
11:45:40.0930 7616 SRTSPX - ok
11:45:40.0980 7616 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:45:41.0032 7616 srv - ok
11:45:41.0072 7616 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:45:41.0119 7616 srv2 - ok
11:45:41.0161 7616 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:45:41.0191 7616 srvnet - ok
11:45:41.0228 7616 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:45:41.0296 7616 SSDPSRV - ok
11:45:41.0334 7616 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:45:41.0508 7616 SstpSvc - ok
11:45:41.0576 7616 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
11:45:41.0729 7616 stisvc - ok
11:45:41.0816 7616 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:45:41.0836 7616 swenum - ok
11:45:41.0917 7616 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:45:41.0970 7616 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
11:45:41.0970 7616 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
11:45:42.0039 7616 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
11:45:42.0095 7616 swprv - ok
11:45:42.0119 7616 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
11:45:42.0140 7616 Symc8xx - ok
11:45:42.0153 7616 SYMDNS - ok
11:45:42.0204 7616 [ D0885F6E24259A6C65E68D6AD749910A ] SymEFA C:\Windows\system32\drivers\NIS\1008030.006\SYMEFA.SYS
11:45:42.0253 7616 SymEFA - ok
11:45:42.0314 7616 [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
11:45:42.0336 7616 SymEvent - ok
11:45:42.0356 7616 SYMFW - ok
11:45:42.0385 7616 [ 34F1C9D5DCC19DF1E824D6B73767B8AF ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys
11:45:42.0401 7616 SymIM - ok
11:45:53.0474 7616 ================ Scan global ===============================
11:45:53.0506 7616 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
11:45:53.0554 7616 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:45:53.0609 7616 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:45:53.0736 7616 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
11:45:53.0751 7616 [Global] - ok
11:45:53.0752 7616 ================ Scan MBR ==================================
11:45:53.0763 7616 [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
11:45:54.0217 7616 \Device\Harddisk0\DR0 - ok
11:45:54.0218 7616 ================ Scan VBR ==================================
11:45:54.0225 7616 [ 34B2549E0F0DE0F0E628362E6FFB157C ] \Device\Harddisk0\DR0\Partition1
11:45:54.0228 7616 \Device\Harddisk0\DR0\Partition1 - ok
11:45:54.0238 7616 [ 956E4B6C738615C5520A4AEAA9F9A63A ] \Device\Harddisk0\DR0\Partition2
11:45:54.0242 7616 \Device\Harddisk0\DR0\Partition2 - ok
11:45:54.0244 7616 ============================================================
11:45:54.0244 7616 Scan finished
11:45:54.0244 7616 ============================================================
11:45:54.0272 7488 Detected object count: 8
11:45:54.0272 7488 Actual detected object count: 8
11:46:11.0560 7488 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:11.0560 7488 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:11.0565 7488 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:11.0565 7488 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:11.0566 7488 EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:11.0566 7488 EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:11.0571 7488 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:11.0572 7488 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:11.0577 7488 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:11.0577 7488 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:11.0578 7488 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:11.0578 7488 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:11.0582 7488 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:11.0582 7488 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:11.0583 7488 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:11.0583 7488 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:47:00.0569 5348 Deinitialize success

#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That all looks good :)

Subject to no further problems :)

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems.

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly; it will show you which programmes on your system need updating and give a download link.

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet, read our little guide How did I get infected in the first place?

Keep safe :wave:

#9
Liz2012

    Member

  • Topic Starter
  • 42 posts
I am having an issue with my Internet Explorer flashing. I open a page and it flashes once when it opens. It is a recent issue that comes and goes, and I thought it was gone. But apparently not.

#10
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is it just the first time you open IE, or does it occur when you open other tabs as well?


#11
Liz2012

    Member

  • Topic Starter
  • 42 posts
Other tabs as well. Doesn't happen every single time, but it is often.

#12
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How many add-ons do you have running in IE?

As I find that my Roboform add-on delays the start of IE for a quick flash.


#13
Liz2012

    Member

  • Topic Starter
  • 42 posts
Adobe Systems Incorporated
Shockwave Flash Object: Enabled

Microsoft Corporation
XML DOM Document: Enabled
Windows Media Player: Enabled
XML HTTP 6.0: Enabled
Microsoft Silverlight: Enabled
XML HTTP 3.0: Enabled
Windows Live ID Sign-in Helper: Disabled
Research: Disabled

Not Available
Discuss: Disabled

Oracle America, Inc.
Deployment Toolkit: Enabled

RealNetworks, Inc.
RealPlayer Download and Record Plugin: Disabled

Smart Technologies ULC
CIEDownload Object: Disabled

Symantec Corporation
Symantec NCO BHO: Disabled
Symantec Intrusion Prevention: Disabled

Edited by Liz2012, 06 November 2012 - 06:54 PM.


#14
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you disable this one please and let me know if it helps:

Oracle America, Inc.
Deployment Toolkit: Enabled


#15
Liz2012

    Member

  • Topic Starter
  • 42 posts
I disabled it and I think it is ok. I have not noticed an issue.