svhost.exe*32 virus [Closed]


  • This topic is locked

#1
Troks

    New Member

  • Member
  • 7 posts
OK, so my computer has been infected with something that matches this person's symptoms perfectly. It slows my computer down a lot and makes getting anything done difficult. Like him, it was also invisible to both Malwarebytes and my main antivirus software (AVG). Also, I am experiencing a Google redirect, and none of the tricks or methods posted anywhere have gotten rid of it, so I'm assuming it has to do with the svhost.exe*32 virus.

I was going to just repeat the steps done in this thread but I figured it would be wise to post here about it, before doing anything that could potentially destroy my computer.

Any and all help is welcomed, thank you in advance :)

#2
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello Troks and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous; most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean.
  • Kindly follow my instructions in the order posted. Order is crucial in the cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Download OTL to your Desktop

  • Double click on the icon to run it (if running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed, and let it run uninterrupted.
  • Under the Custom Scan/Fixes box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    services.exe
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them here for me.

Step 2

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 3

Please don't forget to include these items in your reply:

  • OTL log
  • OTL Extras log
  • TDSSKiller log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#3
Troks

    New Member

  • Topic Starter
  • Member
  • 7 posts
OTL LOG

OTL logfile created on: 11/7/2012 10:51:14 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mattroks\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 45.88% Memory free
3.60 Gb Paging File | 1.52 Gb Available in Paging File | 42.28% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.92 Gb Total Space | 88.92 Gb Free Space | 31.43% Space Free | Partition Type: NTFS

Computer Name: MATTROKS-PC | User Name: mattroks | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/07 10:50:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mattroks\Desktop\OTL.exe
PRC - [2012/10/27 04:12:22 | 003,558,856 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe
PRC - [2012/10/26 12:17:52 | 000,079,384 | ---- | M] (Google) -- C:\Users\mattroks\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2012/10/16 13:02:04 | 001,111,432 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2012/10/09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2012/08/29 11:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/06/28 10:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012/06/08 17:30:48 | 000,880,528 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012/05/29 15:56:12 | 000,312,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012/05/24 13:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\mattroks\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/05/02 21:21:06 | 002,469,380 | ---- | M] (NCH Software) -- C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe
PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/07/19 10:59:30 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
PRC - [2011/07/19 10:48:25 | 000,123,320 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe
PRC - [2010/11/20 22:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/07/12 06:52:50 | 000,548,864 | ---- | M] () -- C:\Program Files (x86)\Greenshot\Greenshot.exe
PRC - [2009/08/29 01:00:12 | 000,966,656 | ---- | M] () -- C:\Users\mattroks\Local Settings\Apps\F.lux\flux.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/24 02:04:57 | 000,460,312 | ---- | M] () -- C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\ppgooglenaclpluginchrome.dll
MOD - [2012/10/24 02:04:55 | 012,435,992 | ---- | M] () -- C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\PepperFlash\pepflashplayer.dll
MOD - [2012/10/24 02:04:54 | 004,005,912 | ---- | M] () -- C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\pdf.dll
MOD - [2012/10/24 02:03:38 | 000,578,072 | ---- | M] () -- C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\libglesv2.dll
MOD - [2012/10/24 02:03:37 | 000,123,928 | ---- | M] () -- C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\libegl.dll
MOD - [2012/10/24 02:03:25 | 000,156,712 | ---- | M] () -- C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\avutil-51.dll
MOD - [2012/10/24 02:03:24 | 000,275,496 | ---- | M] () -- C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\avformat-54.dll
MOD - [2012/10/24 02:03:23 | 002,168,360 | ---- | M] () -- C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\avcodec-54.dll
MOD - [2012/06/18 02:56:23 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/18 02:56:04 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/10 02:55:45 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 02:55:34 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 02:55:33 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 02:55:17 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/02/13 18:58:02 | 000,070,424 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/11/20 22:24:09 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2010/11/20 22:24:09 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010/07/12 06:52:50 | 000,548,864 | ---- | M] () -- C:\Program Files (x86)\Greenshot\Greenshot.exe
MOD - [2010/07/12 06:52:48 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Greenshot\GreenshotPlugin.dll
MOD - [2009/08/29 01:00:12 | 000,966,656 | ---- | M] () -- C:\Users\mattroks\Local Settings\Apps\F.lux\flux.exe


========== Services (SafeList) ==========

SRV:64bit: - [2011/06/09 23:10:00 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/06/08 00:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/17 17:34:18 | 000,574,896 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2012/10/30 14:02:00 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/08/29 11:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/07/13 19:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/02 21:21:06 | 002,469,380 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe -- (BroadCamService)
SRV - [2012/02/25 20:35:43 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/07/19 10:59:30 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/07/19 10:48:25 | 000,123,320 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/07/11 20:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 14:30:27 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/11/10 17:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011/10/01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/06/08 01:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/08 00:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 14:44:12 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/02/14 15:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/01/05 04:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 15:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/05 10:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/11/05 10:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/10/08 14:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/09/27 18:24:42 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/08/19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/07/01 13:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007/08/31 13:15:34 | 000,079,872 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emAudio64.sys -- (emAudio)
DRV:64bit: - [2007/06/21 16:51:46 | 000,215,808 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emDevice64.sys -- (DCamUSBEMPIA)
DRV:64bit: - [2007/06/21 16:51:32 | 000,006,400 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emFilter64.sys -- (FiltUSBEMPIA)
DRV:64bit: - [2007/06/21 16:51:30 | 000,006,144 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emScan64.sys -- (ScanUSBEMPIA)
DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.5\dealioToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {ED5F7125-6386-4ED9-AEC3-67341483DDC9}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{A2136905-C82E-44D9-9F66-45B4802EB415}: "URL" = http://websearch.ask...79-15670A029F2B
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://www.ask.com/w...q={searchTerms}
IE - HKCU\..\SearchScopes\{ED5F7125-6386-4ED9-AEC3-67341483DDC9}: "URL" = http://www.google.co...1I7TSNO_enUS474
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?...?l=dis&o=14676"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.6.0.3
FF - prefs.js..extensions.enabledAddons: [email protected]:6.5
FF - prefs.js..extensions.enabledAddons: [email protected]:6.5
FF - prefs.js..keyword.URL: "http://search.sweeti...10000.10001&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweeti...h.asp?src=2&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\mattroks\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\mattroks\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mattroks\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mattroks\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/24 10:56:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/12 11:33:30 | 000,000,000 | ---D | M]

[2012/08/03 15:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mattroks\AppData\Roaming\Mozilla\Extensions
[2012/10/31 22:00:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mattroks\AppData\Roaming\Mozilla\Firefox\Profiles\o9iyxwfv.default\extensions
[2012/08/03 15:08:34 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\mattroks\AppData\Roaming\Mozilla\Firefox\Profiles\o9iyxwfv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/09/08 19:49:10 | 000,169,792 | ---- | M] () (No name found) -- C:\Users\mattroks\AppData\Roaming\Mozilla\Firefox\Profiles\o9iyxwfv.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/09/07 21:07:36 | 000,003,915 | ---- | M] () -- C:\Users\mattroks\AppData\Roaming\Mozilla\Firefox\Profiles\o9iyxwfv.default\searchplugins\sweetim.xml
[2012/08/24 10:56:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/19 21:34:11 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM
[2012/10/19 21:34:11 | 000,000,000 | ---D | M] (Dealio Toolbar) -- C:\PROGRAM FILES (X86)\DEALIO TOOLBAR\FF
[2012/07/13 19:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/28 10:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/07/13 19:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/13 19:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\mattroks\AppData\Local\Google\Chrome\Application\22.0.1229.96\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\mattroks\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\mattroks\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Entanglement = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Angry Birds = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.3.7_0\
CHR - Extension: Google Drive = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3_0\
CHR - Extension: Google Search = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Poppit = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Gmail = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: pumpkin = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkigkiflejlmpibnlecfdgkhjijgkoao\1.0_0\
CHR - Extension: RSS Feed Reader = C:\Users\mattroks\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\3.3.17_0\

O1 HOSTS File: ([2012/11/02 19:19:52 | 000,000,036 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 local host
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.5\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.5\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe (Toshiba)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe (Desura Pty Ltd)
O4 - HKCU..\Run: [F.lux] C:\Users\mattroks\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Greenshot] C:\Program Files (x86)\Greenshot\Greenshot.exe ()
O4 - HKCU..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (Alexander Nikiforov)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\mattroks\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2B17F1B-A2AF-4ADD-8F57-A5191AD474EB}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/11/07 10:50:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mattroks\Desktop\OTL.exe
[2012/11/06 21:15:24 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Xfire
[2012/11/06 21:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2012/11/06 21:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2012/11/06 21:13:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2012/11/06 12:56:40 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/11/06 12:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/11/06 12:56:37 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Notepad++
[2012/11/06 12:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2012/11/02 19:26:31 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/11/02 17:56:45 | 000,000,000 | ---D | C] -- C:\AVGTemp
[2012/11/01 15:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/11/01 15:13:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/11/01 14:30:01 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Malwarebytes
[2012/11/01 14:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/01 14:29:50 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/11/01 14:29:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/01 10:50:31 | 002,267,096 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll1152.old
[2012/11/01 10:50:31 | 000,149,464 | ---- | C] (PC Tools) -- C:\windows\SGDetectionTool.dll1152.old
[2012/11/01 10:48:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/11/01 10:44:36 | 000,251,560 | ---- | C] (PC Tools) -- C:\windows\SysNative\drivers\PCTSD64.sys
[2012/11/01 10:44:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/11/01 10:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/11/01 10:44:04 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\TestApp
[2012/10/31 22:49:12 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/10/30 13:38:11 | 000,000,000 | -HSD | C] -- C:\windows\SysWow64\%APPDATA%
[2012/10/30 13:13:07 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed
[2012/10/30 13:06:12 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The You Testament
[2012/10/30 13:05:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MDickie
[2012/10/28 10:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
[2012/10/28 10:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eidos
[2012/10/27 00:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSF Realism Mod
[2012/10/27 00:03:06 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SSF Realism Mod
[2012/10/26 23:34:33 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SSF Realism Mod v2.1
[2012/10/26 23:34:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSF Realism Mod v2.1
[2012/10/20 23:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker 2000
[2012/10/20 23:19:50 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RPG Maker 2000
[2012/10/20 23:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASCII
[2012/10/19 21:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2012/10/19 21:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dealio Toolbar
[2012/10/19 21:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2012/10/15 21:51:53 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2012/10/15 21:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2012/10/15 19:28:36 | 000,000,000 | ---D | C] -- C:\Users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2012/10/15 19:28:32 | 000,000,000 | ---D | C] -- C:\Users\mattroks\Documents\VirtualDJ
[2012/10/15 19:28:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2012/10/11 23:01:24 | 000,000,000 | ---D | C] -- C:\Users\mattroks\Desktop\AMV [bleep] is dead
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/07 10:51:56 | 000,731,412 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/07 10:51:56 | 000,624,622 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/07 10:51:56 | 000,110,932 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/07 10:50:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mattroks\Desktop\OTL.exe
[2012/11/07 10:49:39 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948912164-410549572-1474110350-1001UA.job
[2012/11/07 10:48:46 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/07 10:48:34 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/11/07 05:55:13 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/06 23:27:04 | 000,000,868 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948912164-410549572-1474110350-1001Core.job
[2012/11/06 21:13:49 | 000,000,970 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2012/11/06 12:56:41 | 000,001,070 | ---- | M] () -- C:\Users\mattroks\Desktop\Notepad++.lnk
[2012/11/04 23:25:38 | 000,271,074 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 35.wav
[2012/11/04 23:25:38 | 000,001,112 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 35.sfk
[2012/11/04 23:24:49 | 000,385,498 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 34.wav
[2012/11/04 23:24:49 | 000,001,560 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 34.sfk
[2012/11/04 22:06:42 | 000,359,622 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 33.wav
[2012/11/04 22:06:42 | 000,001,464 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 33.sfk
[2012/11/04 20:36:02 | 000,633,462 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 32.wav
[2012/11/04 20:36:02 | 000,002,528 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 32.sfk
[2012/11/04 17:28:51 | 000,919,638 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 31.wav
[2012/11/04 17:28:51 | 000,003,648 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 31.sfk
[2012/11/04 17:28:21 | 000,372,274 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 30.wav
[2012/11/04 17:28:21 | 000,001,512 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 30.sfk
[2012/11/04 17:17:13 | 000,699,762 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 29.wav
[2012/11/04 17:17:13 | 000,002,792 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 29.sfk
[2012/11/04 17:16:40 | 000,503,322 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 28.wav
[2012/11/04 17:16:40 | 000,002,024 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 28.sfk
[2012/11/04 17:14:32 | 000,493,830 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 27.wav
[2012/11/04 17:14:32 | 000,001,984 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 27.sfk
[2012/11/04 11:53:36 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/04 11:53:36 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/04 11:45:27 | 2899,468,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/03 21:44:54 | 000,368,746 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 26.wav
[2012/11/03 21:44:54 | 000,001,496 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 26.sfk
[2012/11/03 21:44:27 | 000,497,390 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 25.wav
[2012/11/03 21:44:27 | 000,002,000 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 25.sfk
[2012/11/03 21:43:49 | 000,556,874 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 24.wav
[2012/11/03 21:43:49 | 000,002,232 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 24.sfk
[2012/11/03 21:36:59 | 000,424,282 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 23.wav
[2012/11/03 21:36:59 | 000,001,712 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 23.sfk
[2012/11/03 21:16:17 | 000,281,054 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 22.wav
[2012/11/03 21:16:17 | 000,001,152 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 22.sfk
[2012/11/03 21:16:02 | 000,244,642 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 21.wav
[2012/11/03 21:16:02 | 000,001,008 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 21.sfk
[2012/11/03 21:11:15 | 001,374,082 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 20.wav
[2012/11/03 21:11:15 | 000,005,424 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 20.sfk
[2012/11/03 21:04:09 | 000,622,174 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 19.wav
[2012/11/03 21:04:09 | 000,002,488 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 19.sfk
[2012/11/03 21:03:30 | 000,617,386 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 18.wav
[2012/11/03 21:03:30 | 000,002,464 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 18.sfk
[2012/11/03 21:03:00 | 000,767,190 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 17.wav
[2012/11/03 21:03:00 | 000,003,056 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 17.sfk
[2012/11/03 21:01:55 | 000,363,938 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 16.wav
[2012/11/03 21:01:55 | 000,001,480 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 16.sfk
[2012/11/03 21:00:53 | 000,822,254 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 15.wav
[2012/11/03 21:00:53 | 000,003,264 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 15.sfk
[2012/11/03 21:00:26 | 000,390,306 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 14.wav
[2012/11/03 21:00:26 | 000,001,584 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 14.sfk
[2012/11/03 20:59:55 | 001,836,130 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 13.wav
[2012/11/03 20:59:55 | 000,007,224 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 13.sfk
[2012/11/03 20:51:08 | 004,318,378 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 12.wav
[2012/11/03 20:51:08 | 000,016,928 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 12.sfk
[2012/11/03 20:49:28 | 002,554,318 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 11.wav
[2012/11/03 20:49:28 | 000,010,032 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 11.sfk
[2012/11/03 20:45:16 | 002,710,158 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 10.wav
[2012/11/03 20:45:16 | 000,010,640 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 10.sfk
[2012/11/03 20:43:49 | 002,586,878 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 9.wav
[2012/11/03 20:43:49 | 000,010,160 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 9.sfk
[2012/11/03 20:36:47 | 003,691,166 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 8.wav
[2012/11/03 20:36:47 | 000,014,472 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 8.sfk
[2012/11/02 19:19:52 | 000,000,036 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/11/01 15:29:33 | 000,136,920 | ---- | M] () -- C:\Users\mattroks\Documents\cc_20121101_162821.reg
[2012/11/01 15:13:16 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/11/01 14:29:53 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/01 10:46:11 | 001,710,922 | ---- | M] () -- C:\windows\SysNative\drivers\Cat.DB
[2012/10/31 22:49:23 | 000,002,394 | ---- | M] () -- C:\Users\mattroks\Desktop\Google Chrome.lnk
[2012/10/31 16:06:16 | 001,673,938 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 7.wav
[2012/10/31 16:06:16 | 000,006,592 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 7.sfk
[2012/10/31 15:57:23 | 020,302,770 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 6.wav
[2012/10/31 15:57:23 | 000,079,360 | ---- | M] () -- C:\Users\mattroks\Documents\Track 3 - 6.sfk
[2012/10/31 15:33:17 | 001,160,906 | ---- | M] () -- C:\Users\mattroks\Documents\Track 6 - 1.wav
[2012/10/31 15:33:17 | 000,004,592 | ---- | M] () -- C:\Users\mattroks\Documents\Track 6 - 1.sfk
[2012/10/28 16:17:53 | 000,010,240 | ---- | M] () -- C:\Users\mattroks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/27 14:03:11 | 000,002,660 | ---- | M] () -- C:\Users\mattroks\Documents\Register Vegas Pro.htm
[2012/10/27 13:57:51 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Pro 10.0 (64-bit).lnk
[2012/10/27 04:12:28 | 000,042,440 | ---- | M] () -- C:\windows\SysWow64\xfcodec.dll
[2012/10/27 04:12:28 | 000,028,104 | ---- | M] () -- C:\windows\SysNative\xfcodec64.dll
[2012/10/16 08:51:00 | 004,920,656 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/10/15 21:51:53 | 000,000,822 | ---- | M] () -- C:\Users\mattroks\Desktop\Virtual DJ Pro.lnk
[2012/10/10 14:30:22 | 000,839,398 | ---- | M] () -- C:\Users\mattroks\Desktop\Combo.wav
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/06 21:13:49 | 000,000,970 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2012/11/06 12:56:41 | 000,001,070 | ---- | C] () -- C:\Users\mattroks\Desktop\Notepad++.lnk
[2012/11/04 23:25:38 | 000,001,112 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 35.sfk
[2012/11/04 23:24:49 | 000,271,074 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 35.wav
[2012/11/04 23:24:49 | 000,001,560 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 34.sfk
[2012/11/04 22:06:42 | 000,385,498 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 34.wav
[2012/11/04 22:06:42 | 000,001,464 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 33.sfk
[2012/11/04 20:36:02 | 000,359,622 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 33.wav
[2012/11/04 20:36:02 | 000,002,528 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 32.sfk
[2012/11/04 17:28:51 | 000,633,462 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 32.wav
[2012/11/04 17:28:51 | 000,003,648 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 31.sfk
[2012/11/04 17:28:21 | 000,919,638 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 31.wav
[2012/11/04 17:28:21 | 000,001,512 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 30.sfk
[2012/11/04 17:17:13 | 000,372,274 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 30.wav
[2012/11/04 17:17:13 | 000,002,792 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 29.sfk
[2012/11/04 17:16:40 | 000,699,762 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 29.wav
[2012/11/04 17:16:40 | 000,002,024 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 28.sfk
[2012/11/04 17:14:32 | 000,503,322 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 28.wav
[2012/11/04 17:14:32 | 000,001,984 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 27.sfk
[2012/11/04 17:14:17 | 000,493,830 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 27.wav
[2012/11/03 21:44:54 | 000,001,496 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 26.sfk
[2012/11/03 21:44:27 | 000,368,746 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 26.wav
[2012/11/03 21:44:27 | 000,002,000 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 25.sfk
[2012/11/03 21:43:49 | 000,497,390 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 25.wav
[2012/11/03 21:43:49 | 000,002,232 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 24.sfk
[2012/11/03 21:36:59 | 000,556,874 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 24.wav
[2012/11/03 21:36:59 | 000,001,712 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 23.sfk
[2012/11/03 21:16:17 | 000,424,282 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 23.wav
[2012/11/03 21:16:17 | 000,001,152 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 22.sfk
[2012/11/03 21:16:02 | 000,281,054 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 22.wav
[2012/11/03 21:16:02 | 000,001,008 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 21.sfk
[2012/11/03 21:11:15 | 000,244,642 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 21.wav
[2012/11/03 21:11:15 | 000,005,424 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 20.sfk
[2012/11/03 21:04:09 | 001,374,082 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 20.wav
[2012/11/03 21:04:09 | 000,002,488 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 19.sfk
[2012/11/03 21:03:30 | 000,622,174 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 19.wav
[2012/11/03 21:03:30 | 000,002,464 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 18.sfk
[2012/11/03 21:03:00 | 000,617,386 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 18.wav
[2012/11/03 21:03:00 | 000,003,056 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 17.sfk
[2012/11/03 21:01:55 | 000,767,190 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 17.wav
[2012/11/03 21:01:55 | 000,001,480 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 16.sfk
[2012/11/03 21:00:53 | 000,363,938 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 16.wav
[2012/11/03 21:00:53 | 000,003,264 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 15.sfk
[2012/11/03 21:00:26 | 000,822,254 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 15.wav
[2012/11/03 21:00:26 | 000,001,584 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 14.sfk
[2012/11/03 20:59:55 | 000,390,306 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 14.wav
[2012/11/03 20:59:55 | 000,007,224 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 13.sfk
[2012/11/03 20:51:08 | 001,836,130 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 13.wav
[2012/11/03 20:51:08 | 000,016,928 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 12.sfk
[2012/11/03 20:49:28 | 004,318,378 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 12.wav
[2012/11/03 20:49:28 | 000,010,032 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 11.sfk
[2012/11/03 20:45:16 | 002,554,318 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 11.wav
[2012/11/03 20:45:16 | 000,010,640 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 10.sfk
[2012/11/03 20:43:49 | 002,710,158 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 10.wav
[2012/11/03 20:43:49 | 000,010,160 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 9.sfk
[2012/11/03 20:36:47 | 002,586,878 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 9.wav
[2012/11/03 20:36:47 | 000,014,472 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 8.sfk
[2012/11/03 20:35:44 | 003,691,166 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 8.wav
[2012/11/01 15:29:17 | 000,136,920 | ---- | C] () -- C:\Users\mattroks\Documents\cc_20121101_162821.reg
[2012/11/01 15:13:16 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/11/01 14:29:52 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/01 10:50:32 | 000,767,960 | ---- | C] () -- C:\windows\BDTSupport.dll1152.old
[2012/11/01 10:44:58 | 001,710,922 | ---- | C] () -- C:\windows\SysNative\drivers\Cat.DB
[2012/10/31 22:49:23 | 000,002,394 | ---- | C] () -- C:\Users\mattroks\Desktop\Google Chrome.lnk
[2012/10/31 16:06:16 | 000,006,592 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 7.sfk
[2012/10/31 15:57:23 | 001,673,938 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 7.wav
[2012/10/31 15:57:23 | 000,079,360 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 6.sfk
[2012/10/31 15:55:22 | 020,302,770 | ---- | C] () -- C:\Users\mattroks\Documents\Track 3 - 6.wav
[2012/10/31 15:33:17 | 000,004,592 | ---- | C] () -- C:\Users\mattroks\Documents\Track 6 - 1.sfk
[2012/10/31 15:33:06 | 001,160,906 | ---- | C] () -- C:\Users\mattroks\Documents\Track 6 - 1.wav
[2012/10/27 13:57:51 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Pro 10.0 (64-bit).lnk
[2012/10/27 04:12:28 | 000,042,440 | ---- | C] () -- C:\windows\SysWow64\xfcodec.dll
[2012/10/27 04:12:28 | 000,028,104 | ---- | C] () -- C:\windows\SysNative\xfcodec64.dll
[2012/10/20 23:19:50 | 000,080,384 | ---- | C] () -- C:\windows\gamedelete.exe
[2012/10/15 21:51:53 | 000,000,822 | ---- | C] () -- C:\Users\mattroks\Desktop\Virtual DJ Pro.lnk
[2012/10/10 14:30:21 | 000,839,398 | ---- | C] () -- C:\Users\mattroks\Desktop\Combo.wav
[2012/05/21 09:54:12 | 001,970,176 | ---- | C] () -- C:\windows\SysWow64\d3dx9.dll
[2012/05/17 22:34:21 | 000,000,088 | RHS- | C] () -- C:\ProgramData\C114EED874.sys
[2012/05/17 22:34:20 | 000,001,890 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/03/20 20:13:43 | 000,645,632 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2012/03/20 20:13:43 | 000,240,640 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2012/02/26 12:28:31 | 000,010,240 | ---- | C] () -- C:\Users\mattroks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/17 15:30:29 | 000,743,534 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/09 15:00:48 | 004,346,880 | ---- | C] () -- C:\windows\SysWow64\ffmpeg.dll
[2012/01/07 17:22:00 | 000,172,032 | ---- | C] () -- C:\windows\SysWow64\libbluray.dll
[2012/01/07 17:21:50 | 006,366,094 | ---- | C] () -- C:\windows\SysWow64\avcodec-lav-53.dll
[2012/01/07 17:21:50 | 001,007,151 | ---- | C] () -- C:\windows\SysWow64\avformat-lav-53.dll
[2012/01/07 17:21:50 | 000,354,979 | ---- | C] () -- C:\windows\SysWow64\swscale-lav-2.dll
[2012/01/07 17:21:50 | 000,203,306 | ---- | C] () -- C:\windows\SysWow64\avutil-lav-51.dll
[2012/01/07 17:21:50 | 000,138,727 | ---- | C] () -- C:\windows\SysWow64\avfilter-lav-2.dll
[2011/12/26 02:34:56 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2011/12/26 02:21:17 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/12/26 02:17:46 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/12/20 13:50:04 | 000,079,360 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2011/12/20 13:49:56 | 000,099,328 | ---- | C] () -- C:\windows\SysWow64\ff_wmv9.dll
[2011/12/20 13:49:54 | 000,158,720 | ---- | C] () -- C:\windows\SysWow64\ff_unrar.dll
[2011/12/20 13:49:54 | 000,146,944 | ---- | C] () -- C:\windows\SysWow64\ff_libmad.dll
[2011/12/20 13:49:52 | 001,525,248 | ---- | C] () -- C:\windows\SysWow64\ff_samplerate.dll
[2011/12/20 13:49:52 | 000,212,480 | ---- | C] () -- C:\windows\SysWow64\ff_libdts.dll
[2011/12/20 13:49:52 | 000,115,200 | ---- | C] () -- C:\windows\SysWow64\ff_liba52.dll
[2011/12/20 13:49:50 | 000,328,704 | ---- | C] () -- C:\windows\SysWow64\ff_libfaad2.dll
[2011/12/20 13:49:50 | 000,260,608 | ---- | C] () -- C:\windows\SysWow64\TomsMoComp_ff.dll
[2011/12/20 13:49:50 | 000,137,728 | ---- | C] () -- C:\windows\SysWow64\libmpeg2_ff.dll
[2011/12/07 14:32:24 | 000,216,064 | ---- | C] ( ) -- C:\windows\SysWow64\Lagarith.dll
[2011/09/08 09:00:52 | 000,150,528 | ---- | C] () -- C:\windows\SysWow64\mkx.dll
[2011/09/08 09:00:48 | 000,142,336 | ---- | C] () -- C:\windows\SysWow64\mp4.dll
[2011/09/08 09:00:42 | 000,123,392 | ---- | C] () -- C:\windows\SysWow64\ogm.dll
[2011/09/08 09:00:38 | 000,249,856 | ---- | C] () -- C:\windows\SysWow64\dxr.dll
[2011/09/08 09:00:34 | 000,113,152 | ---- | C] () -- C:\windows\SysWow64\dsmux.exe
[2011/09/08 09:00:24 | 000,154,624 | ---- | C] () -- C:\windows\SysWow64\ts.dll
[2011/09/08 09:00:10 | 000,137,728 | ---- | C] () -- C:\windows\SysWow64\mkv2vfr.exe
[2011/09/08 09:00:06 | 000,358,400 | ---- | C] () -- C:\windows\SysWow64\gdsmux.exe
[2011/09/08 08:59:54 | 000,080,384 | ---- | C] () -- C:\windows\SysWow64\mkzlib.dll
[2011/09/08 08:59:52 | 000,024,576 | ---- | C] () -- C:\windows\SysWow64\mkunicode.dll
[2011/03/03 06:39:56 | 000,109,568 | ---- | C] () -- C:\windows\SysWow64\avi.dll
[2011/03/03 06:38:10 | 000,097,792 | ---- | C] () -- C:\windows\SysWow64\avs.dll
[2011/03/03 06:37:50 | 000,093,184 | ---- | C] () -- C:\windows\SysWow64\avss.dll

========== ZeroAccess Check ==========

[2011/11/17 01:41:18 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\@
[2012/10/30 14:52:38 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\L
[2012/11/02 20:27:38 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U
[2012/11/04 11:45:37 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\L\[email protected]
[2012/10/31 12:47:30 | 000,002,048 | ---- | M] () -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected]
[2012/11/02 20:27:38 | 000,232,960 | ---- | M] () -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected]
[2012/11/02 20:27:34 | 000,001,632 | ---- | M] () -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected]
[2012/10/30 13:11:28 | 000,015,360 | ---- | M] () -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected]
[2012/11/02 20:27:35 | 000,091,136 | ---- | M] () -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected]
[2012/11/01 14:59:41 | 000,078,848 | ---- | M] () -- C:\Windows\Installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected]
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[2012/11/04 11:45:37 | 000,004,608 | -HS- | M] () -- C:\windows\assembly\GAC_32\Desktop.ini
[2012/11/04 11:45:37 | 000,006,144 | -HS- | M] () -- C:\windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/07/21 18:47:06 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\.doomseeker
[2012/10/03 23:25:03 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\.minecraft
[2012/08/18 15:19:59 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Ableton
[2012/10/31 09:52:55 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\AIMP3
[2012/11/07 10:49:31 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Audacity
[2012/08/15 15:36:14 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Awesomium
[2012/11/04 11:46:08 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\BitTorrent
[2012/03/21 12:27:32 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Canneverbe Limited
[2012/11/01 15:43:33 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\DAEMON Tools Lite
[2012/03/15 09:52:33 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Downloaded Installations
[2012/11/06 12:36:32 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Dropbox
[2012/09/25 21:00:28 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\enchant
[2012/05/18 15:05:53 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Enterbrain
[2012/03/26 20:39:18 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\fofix
[2012/06/19 19:30:11 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\GOG.com
[2012/03/28 09:19:09 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Greenshot
[2012/08/24 13:01:07 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Gyazo
[2012/05/22 09:40:34 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\HandBrake
[2012/09/02 21:36:25 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Leadertech
[2012/10/03 12:51:19 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\LOVE
[2012/03/04 14:48:33 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Magic Set Editor
[2012/03/18 17:40:39 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\MotioninJoy
[2012/02/16 21:01:45 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\MP3SkypeRecorder
[2012/10/31 14:49:10 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Mp3tag
[2012/11/06 12:57:29 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Notepad++
[2012/02/16 10:50:19 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\OpenOffice.org
[2012/03/08 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\PACE Anti-Piracy
[2012/04/26 21:59:53 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Pamela
[2012/08/09 11:52:24 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Publish Providers
[2012/09/06 22:35:17 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\REAPER
[2012/09/25 21:18:13 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\RenPy
[2012/08/01 23:08:25 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Screaming Bee
[2012/11/04 11:43:43 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\SoftGrid Client
[2012/10/27 13:56:21 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Sony
[2012/06/15 10:02:06 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Sony Creative Software
[2012/03/01 23:01:08 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Sony Creative Software Inc
[2012/03/08 13:15:13 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/02/20 12:33:36 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Subversion
[2012/11/01 10:44:04 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\TestApp
[2012/02/15 00:13:05 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Tific
[2012/02/14 17:01:42 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Toshiba
[2012/02/17 15:32:16 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\TP
[2012/11/07 11:13:58 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\uTorrent
[2012/06/25 21:39:29 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\VSelect
[2012/02/14 16:56:59 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\WinBatch
[2012/03/23 13:26:07 | 000,000,000 | ---D | M] -- C:\Users\mattroks\AppData\Roaming\Xilisoft

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2012/07/05 17:46:34 | 000,172,098 | ---- | M] () -- C:\torrent.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009/07/13 20:39:37 | 000,329,216 | ---- | M] (Microsoft Corporation) MD5=50BEA589F7D7958BDD2528A8F69D05CC -- C:\windows\SysNative\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/03/01 03:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011/03/01 03:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\windows\SysNative\svchost.exe
[2011/03/01 03:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2012/09/29 18:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2011/03/01 03:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011/03/01 03:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011/03/01 03:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/09/29 18:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86

< End of report >

#4
Troks

OTL EXTRAS LOG

OTL Extras logfile created on: 11/7/2012 10:51:14 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mattroks\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 45.88% Memory free
3.60 Gb Paging File | 1.52 Gb Available in Paging File | 42.28% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.92 Gb Total Space | 88.92 Gb Free Space | 31.43% Space Free | Partition Type: NTFS

Computer Name: MATTROKS-PC | User Name: mattroks | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C8C049A-145F-4A6E-8290-B5C245EBE39D}" = TOSHIBA Bulletin Board
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{26A24AE4-039D-4CA4-87B4-2F86416031FF}" = Java™ 6 Update 31 (64-bit)
"{29AFE1B0-26A4-11E1-BFD4-F04DA23A5C58}" = MSVCRT Redists
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy DS3 driver version 0.6.0005
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4ACA5AE7-E68C-5A48-F8E6-D67946267506}" = ATI Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6316805C-2485-2FF5-974C-750E3BE1DF65}" = AMD Media Foundation Decoders
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A34D9B7F-8453-DA02-DC98-EEEE085411C6}" = ccc-utility64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C32A0C11-B1A1-4ABC-8C1E-C1E2E3936D26}" = TortoiseSVN 1.7.5.22551 (64 bit)
"{C616FD4F-11F5-11E0-A38F-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-X64 8.0.8.0_R01
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR 4.10 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0146E330-EEE7-B924-B347-B399460893ED}" = CCC Help Czech
"{014A2868-BE56-4888-A16C-693989B8F153}" = SlimDX Runtime .NET 2.0 (January 2012)
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2™
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09927C92-A652-057A-3A7B-153F23175C58}" = CCC Help Dutch
"{0AF17224-CF88-40B8-BB1A-D179369847B4}" = TOSHIBA Supervisor Password
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C5A930C-0413-4C4C-BBAE-4061109C3615}" = Seesmic Ping
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = [email protected] 1.0
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{109CBCC5-7151-1CC6-DAD6-6F7DD3162A8A}" = Catalyst Control Center InstallProxy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19E40731-8E1A-07FB-DA7D-8A54603F6408}" = CCC Help English
"{1A4F5611-13A0-4EBD-BFAF-156D5B5AC0ED}" = VirtualDJ LE (Numark)
"{1B97813D-74A7-25EB-4837-792413507E82}" = CCC Help Danish
"{1CF94211-A7BB-8151-44B8-6618C5A162F8}" = CCC Help Portuguese
"{1D7FEEAC-6CEE-5B5F-A8B0-9BE7A6BCB7FB}" = CCC Help Chinese Traditional
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{247E03D2-485B-7A70-BF5C-AB9BDF6AFB44}" = CCC Help Polish
"{2515EAA9-AE9F-4F0A-8301-B40034838B8A}" = Livestream Procaster
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java™ 7 Update 3
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2DCD0543-22F6-4E54-80D3-B4EFB9AC4943}" = TweetDeck
"{2EEFB3C4-4706-C2B5-DF69-CF914D87BCE4}" = CCC Help Swedish
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{337FDED7-D27B-E476-E888-3674E1C01C69}" = CCC Help Spanish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}" = Google Talk Plugin
"{4485C9D0-A742-F1BB-C0B0-58FC61960D99}" = CCC Help Korean
"{456A5815-604D-4D72-94DF-346D2B978A59}_is1" = GOG.com Downloader version 3.2.11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{521F829A-CBDD-4525-A94C-05D4650E9F71}" = DVD Architect Pro 5.0
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = TOSHIBARegistration
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{666E35A7-A224-E3E9-48C2-C641837535D9}" = Catalyst Control Center Localization All
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6c8841d1-0bf1-43f3-b1f1-b58ec284fc69}" = Seesmic Ping
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 1.0
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8064A378-46F4-4A4E-8AF5-153D0D4018DD}" = Catalyst Control Center - Branding
"{83601916-2E71-F1C7-EE5F-A1C985BC9217}" = CCC Help German
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8A34A135-D405-DD03-9B2E-0EB99238A312}" = CCC Help Finnish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9550EA6C-4CBE-C1F3-1E1C-5E87F2C645ED}" = CCC Help French
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}" = TOSHIBA Hardware Setup
"{97F67013-3076-4261-DC10-808409655042}" = AMD VISION Engine Control Center
"{986BB897-C295-2FED-8DCA-4ADE3AFCEF84}" = CCC Help Russian
"{99843EA4-C506-40F6-87FC-FFDC588D810F}" = Quest
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}" = Toshiba Book Place
"{A26161BC-1360-404A-A85D-0E90BE3B5F67}" = Dealio Toolbar v6.5
"{A4FF8F4E-D665-712B-07EE-F03ED360E9BE}" = CCC Help Italian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ADB50F70-98FF-067F-DF39-47DD83E32D58}" = CCC Help Chinese Standard
"{AFD834CA-4579-49DF-9CF0-EA58822A7C2E}_is1" = Battlefront Extreme 2.2
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B83FCE14-53D5-CBF8-87E9-59B8968ADB4C}" = CCC Help Norwegian
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C78E3449-4F24-839B-5F7A-6911C67A5BE9}" = Catalyst Control Center Graphics Previews Common
"{C79CB9C7-10A4-4814-8402-F574672C2192}" = Star Wars Battlefront
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{CA31F991-DBD2-4DE1-B6D2-30105F23CBBC}" = RapeLay
"{CB606F47-7D0E-40DF-95BB-0E5413A1295F}" = MP3 Skype Recorder
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57}" = Adobe Audition CS5.5
"{D6E90970-BA9C-51AA-EFA2-9F80A7AE0956}" = CCC Help Thai
"{D826A52E-0AC9-5A55-61B8-0E088477A1B0}" = CCC Help Greek
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}" = MorphVOX Pro
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69540AC-FFC3-5519-F925-5ACC8D20DED5}" = CCC Help Hungarian
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E8FD4349-AF5E-4906-90D8-75AB44140B95}" = Quest
"{E9D96BD5-7D33-7ED3-0A8E-229FA2524487}" = CCC Help Turkish
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF581945-BBE9-11D5-A7FE-50275FC10000}" = Capitalism II
"{EF67AE1A-6B31-4C98-91A9-F195D8702150}" = Google Drive
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F8511A0F-D91D-4E3D-A59C-3CA8FB8EAFE8}" = MechWarrior Online
"{F931F27F-A967-982A-9226-494787D5FBBB}" = CCC Help Japanese
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS4_is1" = Adobe Photoshop CS4
"Aleks 3.18" = Aleks 3.18
"ASIO4ALL" = ASIO4ALL
"aTube Catcher" = aTube Catcher
"Audacity_is1" = Audacity 2.0
"Beneath a Steel Sky_is1" = Beneath a Steel Sky
"BitTorrent" = BitTorrent
"BroadCam" = BroadCam Video Streaming Server
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"DAEMON Tools Lite" = DAEMON Tools Lite
"Descent Manager Tools" = Descent Manager Tools
"Desura" = Desura
"Desura_51346334023696" = Desura: WWI Source
"D-Fend Reloaded" = D-Fend Reloaded 1.3.0 (deinstall)
"DivX Setup" = DivX Setup
"Doom Builder 2_is1" = Doom Builder 2.1
"DragonUnPACKer5_is1" = Dragon UnPACKer 5
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Easy GIF Animator_is1" = Easy GIF Animator 5.02
"Empire Earth Gold Edition_is1" = Empire Earth Gold Edition
"FormatFactory" = FormatFactory 2.80
"Fraps" = Fraps (remove only)
"Game Extractor" = Game Extractor 2.0
"Greenshot_is1" = Greenshot
"Half-Life_is1" = Half-Life
"HandBrake" = HandBrake 0.9.6
"Hitman 2 Silent Assassin" = Hitman 2 Silent Assassin
"Hitman: Codename 47_is1" = Hitman: Codename 47
"Hitman: Contracts" = Hitman: Contracts
"htmltads.exe" = HTML TADS Player Kit
"htmltdb3.exe" = TADS 3 Author's Kit
"IL Download Manager" = IL Download Manager
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}" = TOSHIBA Bulletin Board
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Katawa Shoujo" = Katawa Shoujo
"LAME_is1" = LAME v3.99.3 (for Windows)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Magic Set Editor 2_is1" = Magic Set Editor 2.0.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"mIRC" = mIRC
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.52
"MTA:SA 1.3" = MTA:SA v1.3
"NortonPCCheckup" = Toshiba Laptop Checkup
"Notepad++" = Notepad++
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"One Unit Whole Blood_is1" = One Unit Whole Blood
"OpenAL" = OpenAL
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.6
"Postal 2" = Postal 2
"REAPER" = REAPER
"RPG Maker 2000 ColumbineRPG" = RPG Maker 2000 - Super Columbine Massacre RPG!
"RPG Maker VX RTP_is1" = RPG Maker VX RTP
"RPG Maker VX_is1" = RPG Maker VX
"RPGVXAce_E_is1" = RPG MAKER VX Ace
"RPGVXAce_RTP_is1" = RPG MAKER VX Ace RTP
"S.W.A.T. 4_is1" = S.W.A.T. 4
"Sanny Builder 3_is1" = Sanny Builder 3.04
"Skulltag" = Skulltag
"SSF Realism Mod" = SSF Realism Mod
"SSF Realism Mod v2.1" = SSF Realism Mod v2.1
"Steam App 1260" = Killing Floor SDK
"Steam App 215" = Source SDK Base 2006
"Steam App 218" = Source SDK Base 2007
"Sumotori Full Version" = Sumotori Full Version
"The You Testament" = The You Testament
"ToolBox" = NCH Toolbox
"Uplink" = Uplink
"uTorrent" = µTorrent
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VLC media player 2.0.1
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Winamp" = Winamp
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 3.7.0
"WinLiveSuite" = Windows Live Essentials
"Worlds of Ultima - Martian Dreams_is1" = Worlds of Ultima - Martian Dreams
"WTA-1bba0e63-12d1-4696-9f9d-fcfdc020c237" = Zuma's Revenge
"WTA-23f2d570-9741-411e-9c42-b5223475e354" = Plants vs. Zombies - Game of the Year
"WTA-47198c73-c083-48c2-a7f5-49d60f48b77b" = Bejeweled 3
"WTA-95bc2a49-5e51-4c57-ae73-68e0c4d1148b" = FATE - The Traitor Soul
"WTA-95c3d5a3-1c0a-4bb9-b8f3-1f59a26d23e7" = Letters from Nowhere 2
"WTA-9e81a185-5977-4125-b45e-c03983b47cd4" = RollerCoaster Tycoon 3: Platinum
"WTA-a46486f9-7903-4f76-b8ff-5a0f5b074b2b" = Polar Bowler
"WTA-ba6346b3-025b-49ab-96e7-d9ae39939ecc" = Penguins!
"WTA-f64c137f-4dc8-49c9-beab-df6ff2df9fe7" = Tales of Lagoona
"Xfire" = Xfire
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"ZMBV" = Zip Motion Block Video codec (Remove Only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{329BF75E-4876-4687-9CAD-5AE7DE56EA22}" = The Punisher
"{74d11f91-05cc-44f6-8e49-94fe7f33c79b}" = MechWarrior Online
"Adobe Connect Add-in" = Adobe Connect Add-in
"Dropbox" = Dropbox
"Flux" = F.lux
"Google Chrome" = Google Chrome
"Mixxx (1.10.1)" = Mixxx 1.10.1
"Winamp Detect" = Winamp Detector Plug-in
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/6/2012 8:56:52 PM | Computer Name = mattroks-PC | Source = PerfOS | ID = 2011
Description =

Error - 11/6/2012 9:00:52 PM | Computer Name = mattroks-PC | Source = PerfOS | ID = 2011
Description =

Error - 11/6/2012 11:11:52 PM | Computer Name = mattroks-PC | Source = PerfOS | ID = 2011
Description =

Error - 11/6/2012 11:11:57 PM | Computer Name = mattroks-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/7/2012 11:49:41 AM | Computer Name = mattroks-PC | Source = PerfOS | ID = 2011
Description =

Error - 11/7/2012 11:49:49 AM | Computer Name = mattroks-PC | Source = PerfOS | ID = 2011
Description =

Error - 11/7/2012 11:51:56 AM | Computer Name = mattroks-PC | Source = PerfOS | ID = 2011
Description =

Error - 11/7/2012 11:51:58 AM | Computer Name = mattroks-PC | Source = PerfOS | ID = 2011
Description =

Error - 11/7/2012 11:53:55 AM | Computer Name = mattroks-PC | Source = PerfOS | ID = 2011
Description =

Error - 11/7/2012 11:57:55 AM | Computer Name = mattroks-PC | Source = PerfOS | ID = 2011
Description =

[ System Events ]
Error - 11/7/2012 6:55:08 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 11/7/2012 6:55:08 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 11/7/2012 6:55:08 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 11/7/2012 11:48:31 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Wlansvc service.

Error - 11/7/2012 11:48:46 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 11/7/2012 11:48:46 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 11/7/2012 11:48:49 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 11/7/2012 11:48:49 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 11/7/2012 11:48:49 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 11/7/2012 11:48:49 AM | Computer Name = mattroks-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891


< End of report >

#5
Troks

    New Member

  • Topic Starter
  • Member
  • 7 posts
TDSSKiller LOG

20:25:47.0369 5784 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:25:47.0884 5784 ============================================================
20:25:47.0884 5784 Current date / time: 2012/11/02 20:25:47.0884
20:25:47.0884 5784 SystemInfo:
20:25:47.0884 5784
20:25:47.0884 5784 OS Version: 6.1.7601 ServicePack: 1.0
20:25:47.0884 5784 Product type: Workstation
20:25:47.0885 5784 ComputerName: MATTROKS-PC
20:25:47.0885 5784 UserName: mattroks
20:25:47.0885 5784 Windows directory: C:\windows
20:25:47.0885 5784 System windows directory: C:\windows
20:25:47.0885 5784 Running under WOW64
20:25:47.0885 5784 Processor architecture: Intel x64
20:25:47.0885 5784 Number of processors: 2
20:25:47.0885 5784 Page size: 0x1000
20:25:47.0885 5784 Boot type: Normal boot
20:25:47.0885 5784 ============================================================
20:25:49.0755 5784 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:25:49.0769 5784 ============================================================
20:25:49.0769 5784 \Device\Harddisk0\DR0:
20:25:49.0769 5784 MBR partitions:
20:25:49.0769 5784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x235D7000
20:25:49.0769 5784 ============================================================
20:25:49.0794 5784 C: <-> \Device\Harddisk0\DR0\Partition1
20:25:49.0795 5784 ============================================================
20:25:49.0795 5784 Initialize success
20:25:49.0795 5784 ============================================================
20:25:51.0732 2404 ============================================================
20:25:51.0732 2404 Scan started
20:25:51.0732 2404 Mode: Manual;
20:25:51.0732 2404 ============================================================
20:25:56.0724 2404 ================ Scan system memory ========================
20:25:56.0725 2404 System memory - ok
20:25:56.0726 2404 ================ Scan services =============================
20:25:57.0034 2404 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
20:25:57.0040 2404 1394ohci - ok
20:25:57.0081 2404 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
20:25:57.0090 2404 ACPI - ok
20:25:57.0128 2404 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
20:25:57.0131 2404 AcpiPmi - ok
20:25:57.0180 2404 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
20:25:57.0191 2404 adp94xx - ok
20:25:57.0251 2404 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
20:25:57.0260 2404 adpahci - ok
20:25:57.0283 2404 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
20:25:57.0288 2404 adpu320 - ok
20:25:57.0335 2404 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
20:25:57.0390 2404 AeLookupSvc - ok
20:25:57.0450 2404 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
20:25:57.0463 2404 AFD - ok
20:25:57.0519 2404 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
20:25:57.0523 2404 agp440 - ok
20:25:57.0555 2404 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
20:25:57.0560 2404 ALG - ok
20:25:57.0596 2404 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
20:25:57.0600 2404 aliide - ok
20:25:57.0652 2404 [ 2F2E91FD092811353C3BC968BEC274D8 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
20:25:57.0658 2404 AMD External Events Utility - ok
20:25:57.0720 2404 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
20:25:57.0722 2404 amdide - ok
20:25:57.0772 2404 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
20:25:57.0776 2404 AmdK8 - ok
20:25:58.0350 2404 [ 194D76D2083318A2E7071A988E02ECF4 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
20:25:58.0651 2404 amdkmdag - ok
20:25:58.0724 2404 [ 1EEFFCE9A3A65A56A28793EAA3F57026 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
20:25:58.0732 2404 amdkmdap - ok
20:25:58.0771 2404 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
20:25:58.0772 2404 AmdPPM - ok
20:25:58.0804 2404 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
20:25:58.0808 2404 amdsata - ok
20:25:58.0827 2404 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
20:25:58.0833 2404 amdsbs - ok
20:25:58.0860 2404 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
20:25:58.0865 2404 amdxata - ok
20:25:58.0898 2404 [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7 ] amd_sata C:\windows\system32\DRIVERS\amd_sata.sys
20:25:58.0900 2404 amd_sata - ok
20:25:58.0927 2404 [ 23726116B4FBCC84FC45B95157C08F5F ] amd_xata C:\windows\system32\DRIVERS\amd_xata.sys
20:25:58.0930 2404 amd_xata - ok
20:25:58.0965 2404 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
20:25:58.0968 2404 AppID - ok
20:25:59.0002 2404 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
20:25:59.0007 2404 AppIDSvc - ok
20:25:59.0029 2404 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
20:25:59.0032 2404 Appinfo - ok
20:25:59.0119 2404 [ 70968A726D9DE0F0259D4AEB965FAD61 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
20:25:59.0138 2404 Application Updater - ok
20:25:59.0181 2404 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
20:25:59.0184 2404 arc - ok
20:25:59.0213 2404 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
20:25:59.0219 2404 arcsas - ok
20:25:59.0235 2404 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
20:25:59.0236 2404 AsyncMac - ok
20:25:59.0281 2404 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
20:25:59.0283 2404 atapi - ok
20:25:59.0350 2404 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:25:59.0363 2404 AudioEndpointBuilder - ok
20:25:59.0387 2404 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
20:25:59.0399 2404 AudioSrv - ok
20:25:59.0452 2404 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
20:25:59.0457 2404 AxInstSV - ok
20:25:59.0499 2404 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
20:25:59.0512 2404 b06bdrv - ok
20:25:59.0560 2404 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
20:25:59.0568 2404 b57nd60a - ok
20:25:59.0641 2404 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
20:25:59.0648 2404 BDESVC - ok
20:25:59.0923 2404 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
20:25:59.0937 2404 Beep - ok
20:26:00.0123 2404 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
20:26:00.0126 2404 blbdrive - ok
20:26:00.0199 2404 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
20:26:00.0205 2404 bowser - ok
20:26:00.0238 2404 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
20:26:00.0240 2404 BrFiltLo - ok
20:26:00.0256 2404 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
20:26:00.0258 2404 BrFiltUp - ok
20:26:00.0376 2404 [ A794840F36B2BD54FCCFDE0CA5E75E9B ] BroadCamService C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe
20:26:00.0425 2404 BroadCamService - ok
20:26:00.0463 2404 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
20:26:00.0468 2404 Browser - ok
20:26:00.0505 2404 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
20:26:00.0514 2404 Brserid - ok
20:26:00.0528 2404 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
20:26:00.0530 2404 BrSerWdm - ok
20:26:00.0550 2404 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
20:26:00.0552 2404 BrUsbMdm - ok
20:26:00.0567 2404 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
20:26:00.0570 2404 BrUsbSer - ok
20:26:00.0586 2404 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
20:26:00.0590 2404 BTHMODEM - ok
20:26:00.0647 2404 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
20:26:00.0650 2404 bthserv - ok
20:26:00.0677 2404 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
20:26:00.0681 2404 cdfs - ok
20:26:00.0728 2404 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
20:26:00.0733 2404 cdrom - ok
20:26:00.0779 2404 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
20:26:00.0785 2404 CertPropSvc - ok
20:26:00.0814 2404 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
20:26:00.0816 2404 circlass - ok
20:26:00.0855 2404 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
20:26:00.0864 2404 CLFS - ok
20:26:00.0929 2404 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:26:00.0932 2404 clr_optimization_v2.0.50727_32 - ok
20:26:00.0974 2404 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:26:00.0978 2404 clr_optimization_v2.0.50727_64 - ok
20:26:01.0049 2404 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:26:01.0052 2404 clr_optimization_v4.0.30319_32 - ok
20:26:01.0115 2404 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:26:01.0120 2404 clr_optimization_v4.0.30319_64 - ok
20:26:01.0179 2404 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
20:26:01.0182 2404 CmBatt - ok
20:26:01.0205 2404 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
20:26:01.0207 2404 cmdide - ok
20:26:01.0252 2404 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
20:26:01.0262 2404 CNG - ok
20:26:01.0385 2404 [ 99B1B888B793DE320C5479B3C953781F ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
20:26:01.0414 2404 CnxtHdAudService - ok
20:26:01.0490 2404 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
20:26:01.0495 2404 Compbatt - ok
20:26:01.0530 2404 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
20:26:01.0534 2404 CompositeBus - ok
20:26:01.0566 2404 COMSysApp - ok
20:26:01.0596 2404 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
20:26:01.0603 2404 crcdisk - ok
20:26:01.0685 2404 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
20:26:01.0689 2404 CryptSvc - ok
20:26:02.0092 2404 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:26:02.0107 2404 cvhsvc - ok
20:26:02.0169 2404 [ B1C55A95006D621D04FE4A23F86C0A54 ] DCamUSBEMPIA C:\windows\system32\DRIVERS\emDevice64.sys
20:26:02.0176 2404 DCamUSBEMPIA - ok
20:26:02.0253 2404 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
20:26:02.0271 2404 DcomLaunch - ok
20:26:02.0316 2404 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
20:26:02.0329 2404 defragsvc - ok
20:26:18.0828 2404 TMachInfo - ok
20:26:18.0867 2404 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
20:26:18.0874 2404 TODDSrv - ok
20:26:18.0946 2404 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
20:26:18.0957 2404 TosCoSrv - ok
20:26:19.0040 2404 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
20:26:19.0043 2404 TOSHIBA HDD SSD Alert Service - ok
20:26:19.0082 2404 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
20:26:19.0089 2404 TrkWks - ok
20:26:19.0155 2404 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:26:19.0162 2404 TrustedInstaller - ok
20:26:19.0206 2404 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
20:26:19.0211 2404 tssecsrv - ok
20:26:19.0264 2404 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
20:26:19.0267 2404 TsUsbFlt - ok
20:26:19.0306 2404 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
20:26:19.0308 2404 TsUsbGD - ok
20:26:19.0347 2404 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
20:26:19.0352 2404 tunnel - ok
20:26:19.0400 2404 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
20:26:19.0405 2404 TVALZ - ok
20:26:19.0445 2404 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
20:26:19.0449 2404 uagp35 - ok
20:26:19.0488 2404 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
20:26:19.0499 2404 udfs - ok
20:26:19.0560 2404 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
20:26:19.0567 2404 UI0Detect - ok
20:26:19.0607 2404 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
20:26:19.0621 2404 uliagpkx - ok
20:26:19.0661 2404 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
20:26:19.0663 2404 umbus - ok
20:26:19.0752 2404 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
20:26:19.0755 2404 UmPass - ok
20:26:19.0852 2404 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
20:26:19.0865 2404 upnphost - ok
20:26:19.0960 2404 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
20:26:19.0965 2404 usbaudio - ok
20:26:19.0994 2404 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
20:26:19.0998 2404 usbccgp - ok
20:26:20.0038 2404 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
20:26:20.0047 2404 usbcir - ok
20:26:20.0083 2404 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
20:26:20.0086 2404 usbehci - ok
20:26:20.0156 2404 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
20:26:20.0167 2404 usbhub - ok
20:26:20.0182 2404 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
20:26:20.0188 2404 usbohci - ok
20:26:20.0275 2404 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
20:26:20.0282 2404 usbprint - ok
20:26:20.0324 2404 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
20:26:20.0331 2404 USBSTOR - ok
20:26:20.0370 2404 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
20:26:20.0372 2404 usbuhci - ok
20:26:20.0443 2404 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
20:26:20.0448 2404 usbvideo - ok
20:26:20.0488 2404 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
20:26:20.0492 2404 UxSms - ok
20:26:20.0516 2404 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
20:26:20.0519 2404 VaultSvc - ok
20:26:20.0564 2404 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
20:26:20.0567 2404 vdrvroot - ok
20:26:20.0628 2404 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
20:26:20.0647 2404 vds - ok
20:26:20.0688 2404 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
20:26:20.0691 2404 vga - ok
20:26:20.0740 2404 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
20:26:20.0745 2404 VgaSave - ok
20:26:20.0806 2404 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
20:26:20.0813 2404 vhdmp - ok
20:26:20.0852 2404 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
20:26:20.0854 2404 viaide - ok
20:26:20.0880 2404 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
20:26:20.0884 2404 volmgr - ok
20:26:20.0923 2404 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
20:26:20.0933 2404 volmgrx - ok
20:26:20.0973 2404 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
20:26:20.0983 2404 volsnap - ok
20:26:21.0031 2404 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
20:26:21.0035 2404 vsmraid - ok
20:26:21.0155 2404 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
20:26:21.0193 2404 VSS - ok
20:26:21.0217 2404 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
20:26:21.0220 2404 vwifibus - ok
20:26:21.0275 2404 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:26:21.0280 2404 vwififlt - ok
20:26:21.0333 2404 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
20:26:21.0344 2404 W32Time - ok
20:26:21.0391 2404 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
20:26:21.0397 2404 WacomPen - ok
20:26:21.0454 2404 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:26:21.0459 2404 WANARP - ok
20:26:21.0471 2404 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:26:21.0473 2404 Wanarpv6 - ok
20:26:21.0564 2404 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
20:26:21.0588 2404 WatAdminSvc - ok
20:26:21.0683 2404 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
20:26:21.0714 2404 wbengine - ok
20:26:21.0764 2404 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:26:21.0773 2404 WbioSrvc - ok
20:26:21.0837 2404 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
20:26:21.0852 2404 wcncsvc - ok
20:26:21.0893 2404 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:26:21.0899 2404 WcsPlugInService - ok
20:26:21.0951 2404 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
20:26:21.0955 2404 Wd - ok
20:26:22.0017 2404 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:26:22.0033 2404 Wdf01000 - ok
20:26:22.0076 2404 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
20:26:22.0088 2404 WdiServiceHost - ok
20:26:22.0112 2404 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
20:26:22.0118 2404 WdiSystemHost - ok
20:26:22.0148 2404 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
20:26:22.0159 2404 WebClient - ok
20:26:22.0184 2404 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
20:26:22.0195 2404 Wecsvc - ok
20:26:22.0224 2404 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:26:22.0232 2404 wercplsupport - ok
20:26:22.0281 2404 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
20:26:22.0287 2404 WerSvc - ok
20:26:22.0325 2404 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:26:22.0331 2404 WfpLwf - ok
20:26:22.0370 2404 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:26:22.0373 2404 WIMMount - ok
20:26:22.0389 2404 WinHttpAutoProxySvc - ok
20:26:22.0485 2404 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:26:22.0490 2404 Winmgmt - ok
20:26:22.0581 2404 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
20:26:22.0624 2404 WinRM - ok
20:26:22.0699 2404 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
20:26:22.0701 2404 WinUsb - ok
20:26:22.0789 2404 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
20:26:22.0811 2404 Wlansvc - ok
20:26:22.0886 2404 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:26:22.0890 2404 wlcrasvc - ok
20:26:22.0990 2404 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:26:23.0033 2404 wlidsvc - ok
20:26:23.0059 2404 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:26:23.0067 2404 WmiAcpi - ok
20:26:23.0124 2404 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:26:23.0130 2404 wmiApSrv - ok
20:26:23.0176 2404 WMPNetworkSvc - ok
20:26:23.0205 2404 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
20:26:23.0211 2404 WPCSvc - ok
20:26:23.0257 2404 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:26:23.0267 2404 WPDBusEnum - ok
20:26:23.0297 2404 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:26:23.0299 2404 ws2ifsl - ok
20:26:23.0315 2404 WSearch - ok
20:26:23.0353 2404 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:26:23.0358 2404 WudfPf - ok
20:26:23.0395 2404 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:26:23.0401 2404 WUDFRd - ok
20:26:23.0439 2404 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:26:23.0448 2404 wudfsvc - ok
20:26:23.0481 2404 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
20:26:23.0490 2404 WwanSvc - ok
20:26:23.0541 2404 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys
20:26:23.0545 2404 xusb21 - ok
20:26:23.0629 2404 ================ Scan global ===============================
20:26:23.0664 2404 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
20:26:23.0715 2404 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
20:26:23.0735 2404 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
20:26:23.0796 2404 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
20:26:23.0850 2404 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\windows\system32\services.exe
20:26:23.0859 2404 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
20:26:23.0859 2404 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
20:26:23.0861 2404 ================ Scan MBR ==================================
20:26:23.0891 2404 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
20:26:24.0127 2404 \Device\Harddisk0\DR0 - ok
20:26:24.0129 2404 ================ Scan VBR ==================================
20:26:24.0150 2404 [ 0E8181833307AF9717CE06CA6178D97C ] \Device\Harddisk0\DR0\Partition1
20:26:24.0153 2404 \Device\Harddisk0\DR0\Partition1 - ok
20:26:24.0154 2404 ============================================================
20:26:24.0154 2404 Scan finished
20:26:24.0154 2404 ============================================================
20:26:24.0190 2436 Detected object count: 1
20:26:24.0190 2436 Actual detected object count: 1
20:26:31.0807 2436 C:\windows\system32\services.exe - copied to quarantine
20:26:32.0577 2436 C:\windows\assembly\GAC_32\desktop.ini - copied to quarantine
20:26:32.0595 2436 C:\windows\assembly\GAC_64\desktop.ini - copied to quarantine
20:26:32.0608 2436 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\@ - copied to quarantine
20:26:32.0645 2436 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\L\[email protected] - copied to quarantine
20:26:32.0650 2436 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\L\201d3dde - copied to quarantine
20:26:32.0654 2436 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:26:32.0659 2436 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:26:32.0665 2436 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:26:32.0668 2436 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:26:32.0674 2436 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:26:32.0677 2436 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:27:54.0173 2436 Backup copy not found, trying to cure infected file..
20:27:54.0174 2436 C:\windows\system32\services.exe - Cure failed (FFFFFFFF)
20:27:54.0174 2436 C:\windows\system32\services.exe - processing error
20:27:54.0174 2436 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure
20:29:10.0259 3036 ============================================================
20:29:10.0259 3036 Scan started
20:29:10.0259 3036 Mode: Manual;
20:29:10.0259 3036 ============================================================
20:29:11.0527 3036 ================ Scan system memory ========================
20:29:11.0527 3036 System memory - ok
20:29:11.0528 3036 ================ Scan services =============================
20:29:20.0976 3036 hwpolicy - ok
20:29:21.0005 3036 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
20:29:21.0007 3036 i8042prt - ok
20:29:21.0055 3036 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
20:29:21.0063 3036 iaStorV - ok
20:29:21.0262 3036 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:29:21.0281 3036 idsvc - ok
20:29:21.0298 3036 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
20:29:21.0301 3036 iirsp - ok
20:29:21.0412 3036 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
20:29:21.0426 3036 IKEEXT - ok
20:29:21.0461 3036 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
20:29:21.0462 3036 intelide - ok
20:29:21.0510 3036 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\drivers\intelppm.sys
20:29:21.0512 3036 intelppm - ok
20:29:21.0538 3036 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
20:29:21.0545 3036 IPBusEnum - ok
20:29:21.0563 3036 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
20:29:21.0565 3036 IpFilterDriver - ok
20:29:21.0588 3036 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:29:21.0592 3036 IPMIDRV - ok
20:29:21.0639 3036 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:29:21.0644 3036 IPNAT - ok
20:29:21.0704 3036 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
20:29:21.0706 3036 IRENUM - ok
20:29:21.0745 3036 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
20:29:21.0746 3036 isapnp - ok
20:29:21.0809 3036 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
20:29:21.0817 3036 iScsiPrt - ok
20:29:21.0854 3036 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
20:29:21.0856 3036 kbdclass - ok
20:29:21.0887 3036 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
20:29:21.0890 3036 kbdhid - ok
20:29:21.0926 3036 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
20:29:21.0934 3036 KeyIso - ok
20:29:21.0979 3036 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
20:29:21.0981 3036 KSecDD - ok
20:29:22.0035 3036 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
20:29:22.0041 3036 KSecPkg - ok
20:29:22.0073 3036 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
20:29:22.0075 3036 ksthunk - ok
20:29:22.0128 3036 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
20:29:22.0136 3036 KtmRm - ok
20:29:22.0185 3036 [ 0E154DA6CA9105354A07D0C576804037 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
20:29:22.0187 3036 L1C - ok
20:29:22.0250 3036 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
20:29:22.0259 3036 LanmanServer - ok
20:29:22.0317 3036 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:29:22.0323 3036 LanmanWorkstation - ok
20:29:22.0374 3036 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
20:29:22.0376 3036 lltdio - ok
20:29:22.0429 3036 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
20:29:22.0440 3036 lltdsvc - ok
20:29:22.0469 3036 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
20:29:22.0474 3036 lmhosts - ok
20:29:22.0520 3036 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
20:29:22.0522 3036 LSI_FC - ok
20:29:22.0539 3036 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
20:29:22.0542 3036 LSI_SAS - ok
20:29:22.0588 3036 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
20:29:22.0590 3036 LSI_SAS2 - ok
20:29:22.0610 3036 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
20:29:22.0613 3036 LSI_SCSI - ok
20:29:22.0648 3036 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
20:29:22.0651 3036 luafv - ok
20:29:22.0702 3036 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\windows\system32\DRIVERS\MarvinBus64.sys
20:29:22.0706 3036 MarvinBus - ok
20:29:22.0755 3036 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:29:22.0758 3036 Mcx2Svc - ok
20:29:22.0772 3036 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
20:29:22.0774 3036 megasas - ok
20:29:22.0826 3036 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
20:29:22.0831 3036 MegaSR - ok
20:29:22.0866 3036 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
20:29:22.0870 3036 MMCSS - ok
20:29:22.0910 3036 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
20:29:22.0913 3036 Modem - ok
20:29:22.0956 3036 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:29:22.0957 3036 monitor - ok
20:29:23.0003 3036 [ 5FEC1FF5BB9A1FA5C9CF4544D19D6D5D ] MotioninJoyXFilter C:\windows\system32\DRIVERS\MijXfilt.sys
20:29:23.0007 3036 MotioninJoyXFilter - ok
20:29:23.0033 3036 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
20:29:23.0035 3036 mouclass - ok
20:29:23.0073 3036 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:29:23.0074 3036 mouhid - ok
20:29:23.0103 3036 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
20:29:23.0108 3036 mountmgr - ok
20:29:23.0170 3036 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:29:23.0172 3036 MozillaMaintenance - ok
20:29:23.0213 3036 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
20:29:23.0219 3036 mpio - ok
20:29:23.0269 3036 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
20:29:23.0273 3036 mpsdrv - ok
20:29:23.0323 3036 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
20:29:23.0325 3036 MRxDAV - ok
20:29:23.0360 3036 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
20:29:23.0363 3036 mrxsmb - ok
20:29:23.0388 3036 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
20:29:23.0392 3036 mrxsmb10 - ok
20:29:23.0422 3036 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
20:29:23.0424 3036 mrxsmb20 - ok
20:29:23.0451 3036 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
20:29:23.0453 3036 msahci - ok
20:29:23.0495 3036 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
20:29:23.0497 3036 msdsm - ok
20:29:23.0527 3036 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
20:29:23.0533 3036 MSDTC - ok
20:29:23.0585 3036 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
20:29:23.0586 3036 Msfs - ok
20:29:23.0636 3036 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
20:29:23.0637 3036 mshidkmdf - ok
20:29:23.0684 3036 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
20:29:23.0686 3036 msisadrv - ok
20:29:23.0790 3036 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:29:23.0794 3036 MSiSCSI - ok
20:29:23.0806 3036 msiserver - ok
20:29:23.0858 3036 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
20:29:23.0859 3036 MSKSSRV - ok
20:29:23.0878 3036 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
20:29:23.0879 3036 MSPCLOCK - ok
20:29:23.0952 3036 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
20:29:23.0953 3036 MSPQM - ok
20:29:24.0022 3036 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
20:29:24.0027 3036 MsRPC - ok
20:29:24.0069 3036 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
20:29:24.0070 3036 mssmbios - ok
20:29:24.0122 3036 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
20:29:24.0123 3036 MSTEE - ok
20:29:24.0142 3036 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
20:29:24.0144 3036 MTConfig - ok
20:29:24.0175 3036 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
20:29:24.0177 3036 Mup - ok
20:29:24.0227 3036 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
20:29:24.0244 3036 napagent - ok
20:29:24.0297 3036 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
20:29:24.0307 3036 NativeWifiP - ok
20:29:24.0447 3036 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
20:29:24.0460 3036 NDIS - ok
20:29:24.0512 3036 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
20:29:24.0514 3036 NdisCap - ok
20:29:24.0548 3036 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
20:29:24.0552 3036 NdisTapi - ok
20:29:24.0579 3036 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
20:29:24.0581 3036 Ndisuio - ok
20:29:24.0622 3036 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
20:29:24.0625 3036 NdisWan - ok
20:29:24.0662 3036 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
20:29:24.0664 3036 NDProxy - ok
20:29:24.0685 3036 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
20:29:24.0689 3036 NetBIOS - ok
20:29:24.0724 3036 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
20:29:24.0729 3036 NetBT - ok
20:29:24.0761 3036 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
20:29:24.0764 3036 Netlogon - ok
20:29:24.0815 3036 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
20:29:24.0826 3036 Netman - ok
20:29:24.0897 3036 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
20:29:24.0907 3036 netprofm - ok
20:29:24.0967 3036 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:29:24.0970 3036 NetTcpPortSharing - ok
20:29:25.0029 3036 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
20:29:25.0031 3036 nfrd960 - ok
20:29:25.0122 3036 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
20:29:25.0131 3036 NlaSvc - ok
20:29:25.0190 3036 Norton PC Checkup Application Launcher - ok
20:29:25.0221 3036 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
20:29:25.0223 3036 Npfs - ok
20:29:25.0242 3036 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
20:29:25.0245 3036 nsi - ok
20:29:25.0433 3036 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
20:29:25.0435 3036 nsiproxy - ok
20:29:25.0804 3036 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
20:29:25.0853 3036 Ntfs - ok
20:29:25.0922 3036 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
20:29:25.0923 3036 Null - ok
20:29:25.0976 3036 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
20:29:25.0986 3036 nvraid - ok
20:29:26.0031 3036 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
20:29:26.0036 3036 nvstor - ok
20:29:26.0069 3036 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
20:29:26.0073 3036 nv_agp - ok
20:29:26.0118 3036 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
20:29:26.0123 3036 ohci1394 - ok
20:29:26.0191 3036 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:29:26.0194 3036 ose - ok
20:29:26.0481 3036 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:29:26.0585 3036 osppsvc - ok
20:29:26.0855 3036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:29:26.0865 3036 p2pimsvc - ok
20:29:27.0041 3036 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
20:29:27.0052 3036 p2psvc - ok
20:29:27.0135 3036 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
20:29:27.0140 3036 Parport - ok
20:29:27.0370 3036 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
20:29:27.0372 3036 partmgr - ok
20:29:27.0431 3036 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
20:29:27.0439 3036 PcaSvc - ok
20:29:27.0506 3036 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
20:29:27.0509 3036 PCCUJobMgr - ok
20:29:28.0207 3036 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
20:29:28.0210 3036 pci - ok
20:29:28.0262 3036 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
20:29:28.0264 3036 pciide - ok
20:29:28.0307 3036 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
20:29:28.0354 3036 pcmcia - ok
20:29:28.0372 3036 PCTBD - ok
20:29:28.0428 3036 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
20:29:28.0430 3036 pcw - ok
20:29:28.0469 3036 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
20:29:28.0481 3036 PEAUTH - ok
20:29:28.0605 3036 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
20:29:28.0610 3036 PerfHost - ok
20:29:28.0692 3036 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
20:29:28.0693 3036 PGEffect - ok
20:29:28.0832 3036 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
20:29:28.0853 3036 pla - ok
20:29:28.0922 3036 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:29:28.0941 3036 PlugPlay - ok
20:29:28.0988 3036 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:29:28.0992 3036 PNRPAutoReg - ok
20:29:29.0047 3036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:29:29.0060 3036 PNRPsvc - ok
20:29:29.0110 3036 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:29:29.0127 3036 PolicyAgent - ok
20:29:29.0194 3036 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
20:29:29.0205 3036 Power - ok
20:29:29.0286 3036 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:29:29.0288 3036 PptpMiniport - ok
20:29:29.0318 3036 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
20:29:29.0320 3036 Processor - ok
20:29:29.0384 3036 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
20:29:29.0389 3036 ProfSvc - ok
20:29:29.0418 3036 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
20:29:29.0423 3036 ProtectedStorage - ok
20:29:29.0454 3036 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:29:29.0457 3036 Psched - ok
20:29:29.0494 3036 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
20:29:29.0496 3036 PxHlpa64 - ok
20:29:29.0641 3036 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
20:29:29.0680 3036 ql2300 - ok
20:29:29.0750 3036 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
20:29:29.0753 3036 ql40xx - ok
20:29:29.0855 3036 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
20:29:29.0863 3036 QWAVE - ok
20:29:29.0898 3036 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:29:29.0905 3036 QWAVEdrv - ok
20:29:29.0952 3036 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:29:29.0953 3036 RasAcd - ok
20:29:30.0027 3036 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:29:30.0029 3036 RasAgileVpn - ok
20:29:30.0171 3036 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
20:29:30.0176 3036 RasAuto - ok
20:29:30.0213 3036 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:29:30.0223 3036 Rasl2tp - ok
20:29:30.0280 3036 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
20:29:30.0298 3036 RasMan - ok
20:29:30.0381 3036 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:29:30.0406 3036 RasPppoe - ok
20:29:30.0563 3036 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:29:30.0575 3036 RasSstp - ok
20:29:30.0710 3036 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:29:30.0717 3036 rdbss - ok
20:29:30.0775 3036 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
20:29:30.0777 3036 rdpbus - ok
20:29:30.0908 3036 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:29:30.0909 3036 RDPCDD - ok
20:29:30.0948 3036 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:29:30.0951 3036 RDPENCDD - ok
20:29:30.0978 3036 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:29:30.0980 3036 RDPREFMP - ok
20:29:31.0030 3036 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:29:31.0039 3036 RDPWD - ok
20:29:31.0075 3036 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:29:31.0085 3036 rdyboost - ok
20:29:31.0121 3036 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
20:29:31.0124 3036 RemoteAccess - ok
20:29:31.0191 3036 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
20:29:31.0196 3036 RemoteRegistry - ok
20:29:31.0243 3036 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:29:31.0247 3036 RpcEptMapper - ok
20:29:31.0274 3036 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
20:29:31.0279 3036 RpcLocator - ok
20:29:31.0329 3036 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
20:29:31.0347 3036 RpcSs - ok
20:29:31.0394 3036 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:29:31.0398 3036 rspndr - ok
20:29:31.0457 3036 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
20:29:31.0461 3036 RSUSBSTOR - ok
20:29:31.0543 3036 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
20:29:31.0570 3036 RTL8192Ce - ok
20:29:31.0604 3036 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
20:29:31.0611 3036 SamSs - ok
20:29:31.0663 3036 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:29:31.0669 3036 sbp2port - ok
20:29:31.0739 3036 [ EECBBF7D76300E5558D316983961FFC1 ] ScanUSBEMPIA C:\windows\system32\DRIVERS\emScan64.sys
20:29:31.0740 3036 ScanUSBEMPIA - ok
20:29:31.0814 3036 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
20:29:31.0825 3036 SCardSvr - ok
20:29:31.0909 3036 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:29:31.0911 3036 scfilter - ok
20:29:32.0031 3036 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
20:29:32.0059 3036 Schedule - ok
20:29:32.0114 3036 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
20:29:32.0118 3036 SCPolicySvc - ok
20:29:32.0191 3036 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\windows\system32\drivers\ScreamingBAudio64.sys
20:29:32.0192 3036 ScreamBAudioSvc - ok
20:29:32.0335 3036 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:29:32.0344 3036 SDRSVC - ok
20:29:32.0461 3036 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:29:32.0462 3036 secdrv - ok
20:29:32.0522 3036 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
20:29:32.0529 3036 seclogon - ok
20:29:32.0593 3036 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
20:29:32.0613 3036 SENS - ok
20:29:32.0770 3036 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:29:32.0796 3036 SensrSvc - ok
20:29:32.0831 3036 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
20:29:32.0832 3036 Serenum - ok
20:29:32.0872 3036 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
20:29:32.0874 3036 Serial - ok
20:29:32.0903 3036 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
20:29:32.0905 3036 sermouse - ok
20:29:32.0991 3036 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
20:29:32.0995 3036 SessionEnv - ok
20:29:33.0032 3036 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:29:33.0037 3036 sffdisk - ok
20:29:33.0090 3036 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:29:33.0092 3036 sffp_mmc - ok
20:29:33.0142 3036 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:29:33.0144 3036 sffp_sd - ok
20:29:33.0173 3036 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
20:29:33.0174 3036 sfloppy - ok
20:29:33.0242 3036 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
20:29:33.0256 3036 Sftfs - ok
20:29:33.0349 3036 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:29:33.0358 3036 sftlist - ok
20:29:33.0410 3036 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
20:29:33.0418 3036 Sftplay - ok
20:29:33.0449 3036 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
20:29:33.0453 3036 Sftredir - ok
20:29:33.0478 3036 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
20:29:33.0479 3036 Sftvol - ok
20:29:33.0546 3036 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:29:33.0552 3036 sftvsa - ok
20:29:33.0736 3036 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:29:33.0747 3036 ShellHWDetection - ok
20:29:33.0877 3036 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
20:29:33.0880 3036 SiSRaid2 - ok
20:29:33.0979 3036 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
20:29:33.0981 3036 SiSRaid4 - ok
20:29:34.0070 3036 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:29:34.0073 3036 SkypeUpdate - ok
20:29:34.0261 3036 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:29:34.0264 3036 Smb - ok
20:29:34.0434 3036 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:29:34.0438 3036 SNMPTRAP - ok
20:29:34.0489 3036 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
20:29:34.0491 3036 spldr - ok
20:29:34.0545 3036 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
20:29:34.0561 3036 Spooler - ok
20:29:34.0757 3036 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
20:29:34.0855 3036 sppsvc - ok
20:29:34.0927 3036 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
20:29:34.0932 3036 sppuinotify - ok
20:29:34.0974 3036 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
20:29:34.0986 3036 srv - ok
20:29:35.0203 3036 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:29:35.0212 3036 srv2 - ok
20:29:35.0438 3036 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:29:35.0442 3036 srvnet - ok
20:29:35.0607 3036 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:29:35.0614 3036 SSDPSRV - ok
20:29:35.0704 3036 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
20:29:35.0709 3036 SstpSvc - ok
20:29:36.0010 3036 Steam Client Service - ok
20:29:36.0053 3036 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
20:29:36.0054 3036 stexstor - ok
20:29:36.0648 3036 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
20:29:36.0662 3036 stisvc - ok
20:29:36.0869 3036 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
20:29:36.0871 3036 swenum - ok
20:29:37.0276 3036 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
20:29:37.0289 3036 swprv - ok
20:29:37.0737 3036 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
20:29:37.0776 3036 SysMain - ok
20:29:38.0175 3036 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
20:29:38.0186 3036 TabletInputService - ok
20:29:38.0246 3036 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
20:29:38.0255 3036 TapiSrv - ok
20:29:38.0353 3036 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
20:29:38.0357 3036 TBS - ok
20:29:38.0458 3036 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:29:38.0503 3036 Tcpip - ok
20:29:38.0579 3036 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:29:38.0618 3036 TCPIP6 - ok
20:29:38.0675 3036 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:29:38.0679 3036 tcpipreg - ok
20:29:38.0770 3036 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
20:29:38.0772 3036 tdcmdpst - ok
20:29:38.0908 3036 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:29:38.0909 3036 TDPIPE - ok
20:29:38.0953 3036 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:29:38.0955 3036 TDTCP - ok
20:29:39.0007 3036 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:29:39.0012 3036 tdx - ok
20:29:39.0437 3036 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
20:29:39.0439 3036 TermDD - ok
20:29:39.0546 3036 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
20:29:39.0558 3036 TermService - ok
20:29:39.0605 3036 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
20:29:39.0609 3036 Themes - ok
20:29:39.0635 3036 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
20:29:39.0639 3036 THREADORDER - ok
20:29:46.0620 3036 ================ Scan global ===============================
20:29:46.0720 3036 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
20:29:46.0913 3036 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
20:29:46.0970 3036 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
20:29:47.0030 3036 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
20:29:47.0083 3036 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\windows\system32\services.exe
20:29:47.0092 3036 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
20:29:47.0092 3036 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
20:29:47.0095 3036 ================ Scan MBR ==================================
20:29:47.0126 3036 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
20:29:47.0414 3036 \Device\Harddisk0\DR0 - ok
20:29:47.0425 3036 ================ Scan VBR ==================================
20:29:47.0454 3036 [ 0E8181833307AF9717CE06CA6178D97C ] \Device\Harddisk0\DR0\Partition1
20:29:47.0459 3036 \Device\Harddisk0\DR0\Partition1 - ok
20:29:47.0460 3036 ============================================================
20:29:47.0461 3036 Scan finished
20:29:47.0461 3036 ============================================================
20:29:47.0518 6044 Detected object count: 1
20:29:47.0518 6044 Actual detected object count: 1
20:29:57.0672 6044 C:\windows\system32\services.exe - copied to quarantine
20:29:57.0875 6044 C:\windows\assembly\GAC_32\desktop.ini - copied to quarantine
20:29:57.0877 6044 C:\windows\assembly\GAC_64\desktop.ini - copied to quarantine
20:29:57.0898 6044 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\@ - copied to quarantine
20:29:57.0996 6044 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\L\[email protected] - copied to quarantine
20:29:57.0999 6044 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\L\201d3dde - copied to quarantine
20:29:58.0003 6044 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:29:58.0009 6044 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:29:58.0012 6044 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:29:58.0017 6044 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:29:58.0021 6044 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:29:58.0026 6044 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:30:07.0371 6044 Backup copy not found, trying to cure infected file..
20:30:07.0371 6044 C:\windows\system32\services.exe - Cure failed (FFFFFFFF)
20:30:07.0372 6044 C:\windows\system32\services.exe - processing error
20:30:07.0372 6044 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure
20:30:58.0192 4100 ============================================================
20:30:58.0193 4100 Scan started
20:30:58.0193 4100 Mode: Manual;
20:30:58.0193 4100 ============================================================
20:31:00.0212 4100 ================ Scan system memory ========================
20:31:00.0212 4100 System memory - ok
20:31:00.0214 4100 ================ Scan services =============================
20:31:13.0015 4100 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
20:31:13.0017 4100 LSI_SAS2 - ok
20:31:13.0039 4100 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
20:31:13.0045 4100 LSI_SCSI - ok
20:31:13.0077 4100 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
20:31:13.0079 4100 luafv - ok
20:31:13.0131 4100 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\windows\system32\DRIVERS\MarvinBus64.sys
20:31:13.0140 4100 MarvinBus - ok
20:31:13.0194 4100 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:31:13.0198 4100 Mcx2Svc - ok
20:31:13.0239 4100 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
20:31:13.0241 4100 megasas - ok
20:31:13.0299 4100 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
20:31:13.0307 4100 MegaSR - ok
20:31:13.0350 4100 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
20:31:13.0361 4100 MMCSS - ok
20:31:13.0374 4100 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
20:31:13.0379 4100 Modem - ok
20:31:13.0411 4100 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:31:13.0413 4100 monitor - ok
20:31:13.0474 4100 [ 5FEC1FF5BB9A1FA5C9CF4544D19D6D5D ] MotioninJoyXFilter C:\windows\system32\DRIVERS\MijXfilt.sys
20:31:13.0480 4100 MotioninJoyXFilter - ok
20:31:13.0523 4100 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
20:31:13.0525 4100 mouclass - ok
20:31:13.0567 4100 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:31:13.0574 4100 mouhid - ok
20:31:13.0616 4100 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
20:31:13.0630 4100 mountmgr - ok
20:31:13.0709 4100 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:31:13.0731 4100 MozillaMaintenance - ok
20:31:13.0767 4100 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
20:31:13.0777 4100 mpio - ok
20:31:13.0818 4100 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
20:31:13.0827 4100 mpsdrv - ok
20:31:13.0900 4100 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
20:31:13.0908 4100 MRxDAV - ok
20:31:13.0979 4100 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
20:31:13.0983 4100 mrxsmb - ok
20:31:14.0051 4100 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
20:31:14.0060 4100 mrxsmb10 - ok
20:31:14.0108 4100 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
20:31:14.0110 4100 mrxsmb20 - ok
20:31:14.0134 4100 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
20:31:14.0143 4100 msahci - ok
20:31:14.0181 4100 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
20:31:14.0184 4100 msdsm - ok
20:31:14.0227 4100 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
20:31:14.0233 4100 MSDTC - ok
20:31:14.0290 4100 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
20:31:14.0291 4100 Msfs - ok
20:31:14.0328 4100 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
20:31:14.0330 4100 mshidkmdf - ok
20:31:14.0357 4100 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
20:31:14.0358 4100 msisadrv - ok
20:31:14.0430 4100 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:31:14.0440 4100 MSiSCSI - ok
20:31:14.0457 4100 msiserver - ok
20:31:14.0497 4100 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
20:31:14.0498 4100 MSKSSRV - ok
20:31:14.0530 4100 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
20:31:14.0531 4100 MSPCLOCK - ok
20:31:14.0572 4100 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
20:31:14.0576 4100 MSPQM - ok
20:31:14.0638 4100 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
20:31:14.0643 4100 MsRPC - ok
20:31:14.0683 4100 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
20:31:14.0684 4100 mssmbios - ok
20:31:14.0707 4100 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
20:31:14.0708 4100 MSTEE - ok
20:31:14.0724 4100 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
20:31:14.0726 4100 MTConfig - ok
20:31:14.0760 4100 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
20:31:14.0762 4100 Mup - ok
20:31:14.0811 4100 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
20:31:14.0830 4100 napagent - ok
20:31:14.0925 4100 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
20:31:14.0931 4100 NativeWifiP - ok
20:31:15.0027 4100 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
20:31:15.0045 4100 NDIS - ok
20:31:15.0074 4100 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
20:31:15.0076 4100 NdisCap - ok
20:31:15.0190 4100 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
20:31:15.0192 4100 NdisTapi - ok
20:31:15.0222 4100 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
20:31:15.0228 4100 Ndisuio - ok
20:31:15.0274 4100 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
20:31:15.0281 4100 NdisWan - ok
20:31:15.0324 4100 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
20:31:15.0328 4100 NDProxy - ok
20:31:15.0369 4100 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
20:31:15.0371 4100 NetBIOS - ok
20:31:15.0428 4100 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
20:31:15.0433 4100 NetBT - ok
20:31:15.0473 4100 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
20:31:15.0476 4100 Netlogon - ok
20:31:15.0760 4100 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
20:31:15.0775 4100 Netman - ok
20:31:15.0931 4100 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
20:31:15.0943 4100 netprofm - ok
20:31:15.0984 4100 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:31:15.0993 4100 NetTcpPortSharing - ok
20:31:16.0035 4100 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
20:31:16.0044 4100 nfrd960 - ok
20:31:16.0114 4100 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
20:31:16.0127 4100 NlaSvc - ok
20:31:16.0218 4100 Norton PC Checkup Application Launcher - ok
20:31:16.0247 4100 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
20:31:16.0249 4100 Npfs - ok
20:31:16.0264 4100 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
20:31:16.0268 4100 nsi - ok
20:31:16.0300 4100 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
20:31:16.0301 4100 nsiproxy - ok
20:31:16.0406 4100 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
20:31:16.0432 4100 Ntfs - ok
20:31:16.0462 4100 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
20:31:16.0463 4100 Null - ok
20:31:16.0490 4100 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
20:31:16.0493 4100 nvraid - ok
20:31:16.0533 4100 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
20:31:16.0541 4100 nvstor - ok
20:31:16.0581 4100 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
20:31:16.0583 4100 nv_agp - ok
20:31:16.0623 4100 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
20:31:16.0628 4100 ohci1394 - ok
20:31:16.0663 4100 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:31:16.0666 4100 ose - ok
20:31:16.0960 4100 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:31:17.0100 4100 osppsvc - ok
20:31:17.0159 4100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:31:17.0169 4100 p2pimsvc - ok
20:31:17.0208 4100 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
20:31:17.0221 4100 p2psvc - ok
20:31:17.0285 4100 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
20:31:17.0289 4100 Parport - ok
20:31:17.0329 4100 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
20:31:17.0332 4100 partmgr - ok
20:31:17.0380 4100 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
20:31:17.0390 4100 PcaSvc - ok
20:31:17.0452 4100 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
20:31:17.0457 4100 PCCUJobMgr - ok
20:31:17.0502 4100 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
20:31:17.0512 4100 pci - ok
20:31:17.0560 4100 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
20:31:17.0562 4100 pciide - ok
20:31:17.0614 4100 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
20:31:17.0617 4100 pcmcia - ok
20:31:17.0641 4100 PCTBD - ok
20:31:17.0702 4100 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
20:31:17.0711 4100 pcw - ok
20:31:17.0759 4100 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
20:31:17.0773 4100 PEAUTH - ok
20:31:18.0134 4100 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
20:31:18.0138 4100 PerfHost - ok
20:31:18.0279 4100 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
20:31:18.0283 4100 PGEffect - ok
20:31:18.0484 4100 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
20:31:18.0525 4100 pla - ok
20:31:18.0584 4100 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:31:18.0593 4100 PlugPlay - ok
20:31:18.0651 4100 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:31:18.0656 4100 PNRPAutoReg - ok
20:31:18.0706 4100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:31:18.0715 4100 PNRPsvc - ok
20:31:18.0763 4100 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:31:18.0774 4100 PolicyAgent - ok
20:31:18.0832 4100 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
20:31:18.0846 4100 Power - ok
20:31:18.0892 4100 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:31:18.0896 4100 PptpMiniport - ok
20:31:18.0928 4100 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
20:31:18.0932 4100 Processor - ok
20:31:18.0992 4100 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
20:31:19.0000 4100 ProfSvc - ok
20:31:19.0068 4100 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
20:31:19.0074 4100 ProtectedStorage - ok
20:31:19.0108 4100 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:31:19.0110 4100 Psched - ok
20:31:19.0190 4100 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
20:31:19.0191 4100 PxHlpa64 - ok
20:31:19.0294 4100 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
20:31:19.0316 4100 ql2300 - ok
20:31:19.0383 4100 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
20:31:19.0386 4100 ql40xx - ok
20:31:19.0447 4100 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
20:31:19.0454 4100 QWAVE - ok
20:31:19.0483 4100 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:31:19.0489 4100 QWAVEdrv - ok
20:31:19.0512 4100 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:31:19.0513 4100 RasAcd - ok
20:31:19.0558 4100 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:31:19.0561 4100 RasAgileVpn - ok
20:31:19.0590 4100 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
20:31:19.0595 4100 RasAuto - ok
20:31:19.0676 4100 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:31:19.0679 4100 Rasl2tp - ok
20:31:19.0750 4100 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
20:31:19.0764 4100 RasMan - ok
20:31:19.0809 4100 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:31:19.0813 4100 RasPppoe - ok
20:31:19.0860 4100 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:31:19.0862 4100 RasSstp - ok
20:31:19.0930 4100 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:31:19.0935 4100 rdbss - ok
20:31:19.0994 4100 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
20:31:19.0995 4100 rdpbus - ok
20:31:20.0024 4100 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:31:20.0026 4100 RDPCDD - ok
20:31:20.0068 4100 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:31:20.0074 4100 RDPENCDD - ok
20:31:20.0115 4100 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:31:20.0116 4100 RDPREFMP - ok
20:31:20.0161 4100 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:31:20.0169 4100 RDPWD - ok
20:31:20.0210 4100 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:31:20.0216 4100 rdyboost - ok
20:31:20.0248 4100 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
20:31:20.0252 4100 RemoteAccess - ok
20:31:20.0299 4100 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
20:31:20.0311 4100 RemoteRegistry - ok
20:31:20.0350 4100 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:31:20.0358 4100 RpcEptMapper - ok
20:31:20.0382 4100 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
20:31:20.0384 4100 RpcLocator - ok
20:31:20.0451 4100 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
20:31:20.0470 4100 RpcSs - ok
20:31:20.0501 4100 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:31:20.0506 4100 rspndr - ok
20:31:20.0576 4100 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
20:31:20.0584 4100 RSUSBSTOR - ok
20:31:20.0666 4100 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
20:31:20.0686 4100 RTL8192Ce - ok
20:31:20.0712 4100 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
20:31:20.0715 4100 SamSs - ok
20:31:20.0749 4100 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:31:20.0753 4100 sbp2port - ok
20:31:20.0801 4100 [ EECBBF7D76300E5558D316983961FFC1 ] ScanUSBEMPIA C:\windows\system32\DRIVERS\emScan64.sys
20:31:20.0803 4100 ScanUSBEMPIA - ok
20:31:20.0860 4100 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
20:31:20.0869 4100 SCardSvr - ok
20:31:20.0927 4100 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:31:20.0929 4100 scfilter - ok
20:31:21.0011 4100 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
20:31:21.0043 4100 Schedule - ok
20:31:21.0092 4100 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
20:31:21.0095 4100 SCPolicySvc - ok
20:31:21.0131 4100 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\windows\system32\drivers\ScreamingBAudio64.sys
20:31:21.0133 4100 ScreamBAudioSvc - ok
20:31:21.0210 4100 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:31:21.0215 4100 SDRSVC - ok
20:31:21.0264 4100 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:31:21.0266 4100 secdrv - ok
20:31:21.0294 4100 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
20:31:21.0299 4100 seclogon - ok
20:31:21.0325 4100 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
20:31:21.0330 4100 SENS - ok
20:31:21.0356 4100 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:31:21.0362 4100 SensrSvc - ok
20:31:21.0393 4100 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
20:31:21.0395 4100 Serenum - ok
20:31:21.0435 4100 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
20:31:21.0439 4100 Serial - ok
20:31:21.0462 4100 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
20:31:21.0463 4100 sermouse - ok
20:31:21.0551 4100 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
20:31:21.0567 4100 SessionEnv - ok
20:31:21.0609 4100 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:31:21.0611 4100 sffdisk - ok
20:31:21.0652 4100 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:31:21.0659 4100 sffp_mmc - ok
20:31:21.0690 4100 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:31:21.0692 4100 sffp_sd - ok
20:31:21.0724 4100 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
20:31:21.0726 4100 sfloppy - ok
20:31:21.0845 4100 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
20:31:21.0858 4100 Sftfs - ok
20:31:22.0027 4100 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:31:22.0036 4100 sftlist - ok
20:31:22.0096 4100 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
20:31:22.0101 4100 Sftplay - ok
20:31:22.0133 4100 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
20:31:22.0136 4100 Sftredir - ok
20:31:22.0162 4100 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
20:31:22.0163 4100 Sftvol - ok
20:31:22.0232 4100 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:31:22.0239 4100 sftvsa - ok
20:31:22.0423 4100 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:31:22.0433 4100 ShellHWDetection - ok
20:31:22.0486 4100 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
20:31:22.0491 4100 SiSRaid2 - ok
20:31:22.0534 4100 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
20:31:22.0536 4100 SiSRaid4 - ok
20:31:22.0595 4100 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:31:22.0607 4100 SkypeUpdate - ok
20:31:22.0667 4100 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:31:22.0669 4100 Smb - ok
20:31:22.0751 4100 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:31:22.0760 4100 SNMPTRAP - ok
20:31:22.0783 4100 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
20:31:22.0790 4100 spldr - ok
20:31:22.0851 4100 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
20:31:22.0863 4100 Spooler - ok
20:31:23.0027 4100 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
20:31:23.0162 4100 sppsvc - ok
20:31:23.0191 4100 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
20:31:23.0195 4100 sppuinotify - ok
20:31:23.0233 4100 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
20:31:23.0247 4100 srv - ok
20:31:23.0318 4100 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:31:23.0327 4100 srv2 - ok
20:31:23.0357 4100 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:31:23.0360 4100 srvnet - ok
20:31:23.0447 4100 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:31:23.0455 4100 SSDPSRV - ok
20:31:23.0498 4100 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
20:31:23.0502 4100 SstpSvc - ok
20:31:23.0527 4100 Steam Client Service - ok
20:31:23.0572 4100 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
20:31:23.0574 4100 stexstor - ok
20:31:23.0624 4100 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
20:31:23.0639 4100 stisvc - ok
20:31:23.0691 4100 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
20:31:23.0693 4100 swenum - ok
20:31:23.0765 4100 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
20:31:23.0784 4100 swprv - ok
20:31:23.0873 4100 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
20:31:23.0906 4100 SysMain - ok
20:31:23.0981 4100 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
20:31:23.0992 4100 TabletInputService - ok
20:31:24.0090 4100 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
20:31:24.0099 4100 TapiSrv - ok
20:31:24.0148 4100 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
20:31:24.0158 4100 TBS - ok
20:31:24.0246 4100 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:31:24.0278 4100 Tcpip - ok
20:31:24.0333 4100 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:31:24.0358 4100 TCPIP6 - ok
20:31:24.0391 4100 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:31:24.0393 4100 tcpipreg - ok
20:31:24.0498 4100 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
20:31:24.0503 4100 tdcmdpst - ok
20:31:24.0614 4100 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:31:24.0616 4100 TDPIPE - ok
20:31:24.0658 4100 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:31:24.0659 4100 TDTCP - ok
20:31:24.0713 4100 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:31:24.0718 4100 tdx - ok
20:31:24.0775 4100 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
20:31:24.0777 4100 TermDD - ok
20:31:24.0901 4100 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
20:31:24.0919 4100 TermService - ok
20:31:24.0963 4100 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
20:31:24.0969 4100 Themes - ok
20:31:24.0996 4100 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
20:31:25.0007 4100 THREADORDER - ok
20:31:25.0067 4100 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
20:31:25.0078 4100 TMachInfo - ok
20:31:25.0146 4100 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
20:31:25.0156 4100 TODDSrv - ok
20:31:25.0220 4100 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
20:31:25.0232 4100 TosCoSrv - ok
20:31:25.0295 4100 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
20:31:25.0297 4100 TOSHIBA HDD SSD Alert Service - ok
20:31:25.0348 4100 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
20:31:25.0353 4100 TrkWks - ok
20:31:25.0432 4100 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:31:25.0439 4100 TrustedInstaller - ok
20:31:25.0491 4100 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
20:31:25.0494 4100 tssecsrv - ok
20:31:25.0573 4100 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
20:31:25.0576 4100 TsUsbFlt - ok
20:31:25.0631 4100 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
20:31:25.0634 4100 TsUsbGD - ok
20:31:25.0662 4100 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
20:31:25.0665 4100 tunnel - ok
20:31:25.0697 4100 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
20:31:25.0701 4100 TVALZ - ok
20:31:25.0751 4100 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
20:31:25.0757 4100 uagp35 - ok
20:31:25.0816 4100 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
20:31:25.0827 4100 udfs - ok
20:31:25.0878 4100 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
20:31:25.0886 4100 UI0Detect - ok
20:31:25.0949 4100 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
20:31:25.0951 4100 uliagpkx - ok
20:31:25.0977 4100 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
20:31:25.0979 4100 umbus - ok
20:31:26.0016 4100 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
20:31:26.0018 4100 UmPass - ok
20:31:26.0096 4100 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
20:31:26.0111 4100 upnphost - ok
20:31:26.0188 4100 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
20:31:26.0190 4100 usbaudio - ok
20:31:26.0233 4100 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
20:31:26.0236 4100 usbccgp - ok
20:31:26.0269 4100 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
20:31:26.0274 4100 usbcir - ok
20:31:26.0301 4100 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
20:31:26.0307 4100 usbehci - ok
20:31:26.0357 4100 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
20:31:26.0372 4100 usbhub - ok
20:31:26.0390 4100 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
20:31:26.0392 4100 usbohci - ok
20:31:26.0460 4100 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
20:31:26.0464 4100 usbprint - ok
20:31:26.0519 4100 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
20:31:26.0526 4100 USBSTOR - ok
20:31:26.0566 4100 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
20:31:26.0568 4100 usbuhci - ok
20:31:26.0593 4100 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
20:31:26.0599 4100 usbvideo - ok
20:31:26.0649 4100 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
20:31:26.0657 4100 UxSms - ok
20:31:26.0678 4100 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
20:31:26.0681 4100 VaultSvc - ok
20:31:26.0712 4100 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
20:31:26.0714 4100 vdrvroot - ok
20:31:26.0757 4100 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
20:31:26.0780 4100 vds - ok
20:31:26.0859 4100 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
20:31:26.0861 4100 vga - ok
20:31:26.0900 4100 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
20:31:26.0901 4100 VgaSave - ok
20:31:26.0947 4100 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
20:31:26.0956 4100 vhdmp - ok
20:31:26.0994 4100 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
20:31:26.0996 4100 viaide - ok
20:31:27.0027 4100 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
20:31:27.0030 4100 volmgr - ok
20:31:27.0187 4100 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
20:31:27.0204 4100 volmgrx - ok
20:31:27.0482 4100 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
20:31:27.0490 4100 volsnap - ok
20:31:27.0617 4100 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
20:31:27.0629 4100 vsmraid - ok
20:31:27.0749 4100 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
20:31:27.0810 4100 VSS - ok
20:31:27.0857 4100 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
20:31:27.0859 4100 vwifibus - ok
20:31:27.0916 4100 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:31:27.0919 4100 vwififlt - ok
20:31:28.0018 4100 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
20:31:28.0032 4100 W32Time - ok
20:31:28.0078 4100 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
20:31:28.0105 4100 WacomPen - ok
20:31:28.0169 4100 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:31:28.0172 4100 WANARP - ok
20:31:28.0183 4100 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:31:28.0185 4100 Wanarpv6 - ok
20:31:28.0273 4100 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
20:31:28.0295 4100 WatAdminSvc - ok
20:31:28.0385 4100 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
20:31:28.0411 4100 wbengine - ok
20:31:28.0447 4100 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:31:28.0457 4100 WbioSrvc - ok
20:31:28.0493 4100 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
20:31:28.0501 4100 wcncsvc - ok
20:31:28.0543 4100 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:31:28.0550 4100 WcsPlugInService - ok
20:31:28.0591 4100 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
20:31:28.0592 4100 Wd - ok
20:31:28.0663 4100 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:31:28.0679 4100 Wdf01000 - ok
20:31:28.0706 4100 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
20:31:28.0711 4100 WdiServiceHost - ok
20:31:28.0723 4100 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
20:31:28.0730 4100 WdiSystemHost - ok
20:31:28.0763 4100 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
20:31:28.0778 4100 WebClient - ok
20:31:28.0812 4100 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
20:31:28.0824 4100 Wecsvc - ok
20:31:28.0860 4100 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:31:28.0865 4100 wercplsupport - ok
20:31:28.0909 4100 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
20:31:28.0914 4100 WerSvc - ok
20:31:28.0965 4100 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:31:28.0966 4100 WfpLwf - ok
20:31:29.0011 4100 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:31:29.0012 4100 WIMMount - ok
20:31:29.0033 4100 WinHttpAutoProxySvc - ok
20:31:29.0200 4100 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:31:29.0218 4100 Winmgmt - ok
20:31:29.0373 4100 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
20:31:29.0421 4100 WinRM - ok
20:31:29.0483 4100 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
20:31:29.0485 4100 WinUsb - ok
20:31:29.0584 4100 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
20:31:29.0622 4100 Wlansvc - ok
20:31:29.0728 4100 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:31:29.0730 4100 wlcrasvc - ok
20:31:29.0868 4100 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:31:29.0905 4100 wlidsvc - ok
20:31:29.0959 4100 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:31:29.0960 4100 WmiAcpi - ok
20:31:30.0064 4100 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:31:30.0075 4100 wmiApSrv - ok
20:31:30.0161 4100 WMPNetworkSvc - ok
20:31:30.0201 4100 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
20:31:30.0207 4100 WPCSvc - ok
20:31:30.0243 4100 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:31:30.0248 4100 WPDBusEnum - ok
20:31:30.0282 4100 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:31:30.0284 4100 ws2ifsl - ok
20:31:30.0297 4100 WSearch - ok
20:31:30.0360 4100 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:31:30.0365 4100 WudfPf - ok
20:31:30.0396 4100 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:31:30.0400 4100 WUDFRd - ok
20:31:30.0433 4100 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:31:30.0441 4100 wudfsvc - ok
20:31:30.0477 4100 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
20:31:30.0484 4100 WwanSvc - ok
20:31:30.0559 4100 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys
20:31:30.0561 4100 xusb21 - ok
20:31:30.0594 4100 ================ Scan global ===============================
20:31:30.0659 4100 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
20:31:30.0727 4100 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
20:31:30.0764 4100 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
20:31:30.0814 4100 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
20:31:30.0866 4100 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\windows\system32\services.exe
20:31:30.0876 4100 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
20:31:30.0876 4100 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
20:31:30.0877 4100 ================ Scan MBR ==================================
20:31:30.0908 4100 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
20:31:31.0299 4100 \Device\Harddisk0\DR0 - ok
20:31:31.0300 4100 ================ Scan VBR ==================================
20:31:31.0323 4100 [ 0E8181833307AF9717CE06CA6178D97C ] \Device\Harddisk0\DR0\Partition1
20:31:31.0327 4100 \Device\Harddisk0\DR0\Partition1 - ok
20:31:31.0328 4100 ============================================================
20:31:31.0329 4100 Scan finished
20:31:31.0329 4100 ============================================================
20:31:31.0376 4156 Detected object count: 1
20:31:31.0376 4156 Actual detected object count: 1
20:31:34.0525 4156 C:\windows\system32\services.exe - copied to quarantine
20:31:34.0673 4156 C:\windows\assembly\GAC_32\desktop.ini - copied to quarantine
20:31:34.0676 4156 C:\windows\assembly\GAC_64\desktop.ini - copied to quarantine
20:31:34.0685 4156 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\@ - copied to quarantine
20:31:34.0693 4156 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\L\[email protected] - copied to quarantine
20:31:34.0695 4156 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\L\201d3dde - copied to quarantine
20:31:34.0698 4156 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:31:34.0711 4156 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:31:34.0715 4156 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:31:34.0726 4156 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:31:34.0734 4156 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:31:34.0746 4156 C:\windows\installer\{1124a725-e7eb-82f4-e978-28044d39f9dc}\U\[email protected] - copied to quarantine
20:31:46.0193 4156 Backup copy not found, trying to cure infected file..
20:31:46.0193 4156 C:\windows\system32\services.exe - Cure failed (FFFFFFFF)
20:31:46.0193 4156 C:\windows\system32\services.exe - processing error
20:31:46.0194 4156 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure
20:32:54.0549 4896 Deinitialize success

#6
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Troks,

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply

#7
Troks

    New Member

  • Topic Starter
  • Member
  • 7 posts
Ok so I ran combofix. I did not disturb it at all during the process, after it finished the log popped up and I went to copy and paste it here, but I couldn't. None of my programs were working when I clicked on them. So I restarted my computer, figuring it was a glitch of some sort, and now I can't find my combofix log anywhere on my computer.

#8
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Troks,

OK. Restart your system once and try to do the Combofix scan one more time. If all goes right we will have a log.

Also, how is your system now? Your current problems?

#9
Troks

    New Member

  • Topic Starter
  • Member
  • 7 posts
My computer is no longer experiencing the symptoms, but I will do what you have instructed.

#10
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Yes please. Your system is not clean yet. Do you remember my NOTES from the first post:

Absence of symptoms does not always mean the computer is clean



#11
Troks

    New Member

  • Topic Starter
  • Member
  • 7 posts
ComboFix 12-11-09.02 - mattroks 11/10/2012 12:12:06.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3687.1699 [GMT -5:00]
Running from: c:\users\mattroks\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\mattroks\AppData\Local\Temp\_MEI33162\_ctypes.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\_elementtree.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\_hashlib.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\_socket.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\_ssl.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\pyexpat.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\pysqlite2._sqlite.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\python26.dll
c:\users\mattroks\AppData\Local\Temp\_MEI33162\pythoncom26.dll
c:\users\mattroks\AppData\Local\Temp\_MEI33162\PyWinTypes26.dll
c:\users\mattroks\AppData\Local\Temp\_MEI33162\select.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\unicodedata.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32api.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32com.shell.shell.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32crypt.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32event.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32file.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32inet.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32pdh.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32process.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32profile.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32security.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\win32ts.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\windows._cacheinvalidation.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wx._controls_.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wx._core_.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wx._gdi_.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wx._html2.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wx._misc_.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wx._windows_.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wx._wizard.pyd
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wxbase293u_net_vc.dll
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wxbase293u_vc.dll
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wxmsw293u_adv_vc.dll
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wxmsw293u_core_vc.dll
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wxmsw293u_html_vc.dll
c:\users\mattroks\AppData\Local\Temp\_MEI33162\wxmsw293u_webview_vc.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-10-10 to 2012-11-10 )))))))))))))))))))))))))))))))
.
.
2012-11-10 17:31 . 2012-11-10 17:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-10 17:31 . 2012-11-10 17:31 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-11-08 22:10 . 2012-11-08 22:10 -------- d-----w- c:\users\mattroks\.merlot
2012-11-07 02:15 . 2012-11-07 02:18 -------- d-----w- c:\users\mattroks\AppData\Roaming\Xfire
2012-11-07 02:13 . 2012-11-07 02:18 -------- d-----w- c:\programdata\Xfire
2012-11-07 02:13 . 2012-11-07 02:13 -------- d-----w- c:\program files (x86)\Xfire
2012-11-06 17:56 . 2012-11-06 17:57 -------- d-----w- c:\users\mattroks\AppData\Roaming\Notepad++
2012-11-06 17:56 . 2012-11-06 17:56 -------- d-----w- c:\program files (x86)\Notepad++
2012-11-03 00:26 . 2012-11-07 22:26 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-02 22:56 . 2012-11-02 22:56 -------- d-----w- C:\AVGTemp
2012-11-01 20:13 . 2012-11-01 20:13 -------- d-----w- c:\program files\CCleaner
2012-11-01 19:30 . 2012-11-01 19:30 -------- d-----w- c:\users\mattroks\AppData\Roaming\Malwarebytes
2012-11-01 19:29 . 2012-11-01 19:29 -------- d-----w- c:\programdata\Malwarebytes
2012-11-01 19:29 . 2012-11-01 19:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-01 19:29 . 2012-09-29 23:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-01 15:50 . 2012-06-22 15:38 767960 ----a-w- c:\windows\BDTSupport.dll1152.old
2012-11-01 15:50 . 2012-06-22 15:39 149464 ----a-w- c:\windows\SGDetectionTool.dll1152.old
2012-11-01 15:50 . 2012-06-22 15:39 2267096 ----a-w- c:\windows\PCTBDCore.dll1152.old
2012-11-01 15:48 . 2012-11-01 15:48 -------- d-----w- c:\program files (x86)\PC Tools
2012-11-01 15:44 . 2012-06-22 19:35 251560 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-11-01 15:44 . 2012-11-01 19:10 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-11-01 15:44 . 2012-11-01 19:06 -------- d-----w- c:\programdata\PC Tools
2012-11-01 15:44 . 2012-11-01 15:44 -------- d-----w- c:\users\mattroks\AppData\Roaming\TestApp
2012-10-30 18:38 . 2012-10-30 18:38 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-10-30 18:13 . 2012-10-30 18:13 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-30 18:13 . 2012-10-30 18:13 -------- d-----w- c:\windows\system32\Macromed
2012-10-30 18:05 . 2012-10-30 18:05 -------- d-----w- c:\program files (x86)\MDickie
2012-10-30 03:33 . 2012-10-30 03:33 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-10-28 15:26 . 2012-10-28 15:26 -------- d-----w- c:\program files (x86)\Eidos
2012-10-27 09:12 . 2012-10-27 09:12 42440 ----a-w- c:\windows\SysWow64\xfcodec.dll
2012-10-27 09:12 . 2012-10-27 09:12 28104 ----a-w- c:\windows\system32\xfcodec64.dll
2012-10-21 04:19 . 2001-04-11 08:47 80384 ----a-w- c:\windows\gamedelete.exe
2012-10-21 04:18 . 2012-10-21 04:18 -------- d-----w- c:\program files (x86)\ASCII
2012-10-20 02:33 . 2012-10-20 02:34 -------- d-----w- c:\program files (x86)\Application Updater
2012-10-20 02:33 . 2012-10-20 02:33 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2012-10-16 00:28 . 2012-10-16 02:51 -------- d-----w- c:\program files (x86)\VirtualDJ
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-30 18:13 . 2011-10-31 03:37 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-14 19:19 . 2012-10-10 15:34 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 15:34 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-01 21:25 . 2012-09-01 21:25 431104 ----a-w- c:\windows\system32\wrap_oal.dll
2012-09-01 21:25 . 2012-09-01 21:25 409600 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-09-01 21:25 . 2012-09-01 21:25 136192 ----a-w- c:\windows\system32\OpenAL32.dll
2012-09-01 21:25 . 2012-09-01 21:25 114688 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-08-31 18:19 . 2012-10-10 15:34 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 15:35 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 15:35 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 15:35 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-24 18:05 . 2012-10-10 15:34 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 15:34 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-22 17:06 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 17:06 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 17:06 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 17:07 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 17:06 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 17:06 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 17:07 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 17:06 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 17:07 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 17:06 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 17:06 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 17:06 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 17:06 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 17:07 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 17:07 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 17:07 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 17:06 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 17:06 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 17:06 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 17:07 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 17:07 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 17:07 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 11:27 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:27 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:27 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:27 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 14:43 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-10 15:36 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 15:36 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 15:36 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 15:36 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 15:36 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 15:36 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 15:36 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 15:36 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 15:36 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 15:36 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 15:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 15:36 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 15:36 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 15:36 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 15:36 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
c:\program files (x86)\Dealio Toolbar\IE\6.5\dealioToolbarIE.dll [BU]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 19:03 1310040 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
"{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}"= "c:\program files (x86)\Dealio Toolbar\IE\6.5\dealioToolbarIE.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\mattroks\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\mattroks\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\mattroks\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\mattroks\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2012-03-04 650104]
"F.lux"="c:\users\mattroks\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"MP3 Skype Recorder"="c:\program files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe" [2011-11-18 1975296]
"Desura"="c:\program files (x86)\Desura\desura.exe" [2012-02-26 2529096]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-26 39408]
"Greenshot"="c:\program files (x86)\Greenshot\Greenshot.exe" [2010-07-12 548864]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-06-08 880528]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-14 1353080]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-10-25 16052192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-08 336384]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-12 1298816]
"NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" [2011-06-22 3218864]
"ToshibaAppPlace"="c:\program files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [2010-09-23 552960]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-05-27 413696]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-28 74752]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-10-16 1111432]
.
c:\users\mattroks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\mattroks\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-11-5 26619512]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-02-26 131912]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-11-10 115272]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-08 243712]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-17 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-11-05 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-11-05 38016]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-08 204288]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-10-09 799112]
S2 BroadCamService;BroadCam Video Streaming Server;c:\program files (x86)\NCH Software\BroadCam\broadcam.exe [2012-05-03 2469380]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [2011-07-19 123320]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-07-19 126392]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-16 283200]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-11 137512]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-09-27 76912]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-26 08:16]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-26 08:16]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1948912164-410549572-1474110350-1001Core.job
- c:\users\mattroks\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-14 22:23]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1948912164-410549572-1474110350-1001UA.job
- c:\users\mattroks\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-14 22:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\mattroks\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\mattroks\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\mattroks\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\mattroks\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2011-06-10 710560]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-05-29 499608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
FF - ProfilePath - c:\users\mattroks\AppData\Roaming\Mozilla\Firefox\Profiles\o9iyxwfv.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?l=dis&o=14676
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10001&q=
FF - ExtSQL: 2012-09-25 19:12; [email protected]; c:\program files (x86)\Common Files\Spigot\wtxpcom
FF - ExtSQL: 2012-09-25 19:12; [email protected]; c:\program files (x86)\Dealio Toolbar\FF
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-Descent Manager Tools - c:\windows\system32\uninstdm.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:3f,da,c3,72,64,70,cd,01
.
[HKEY_USERS\S-1-5-21-1948912164-410549572-1474110350-1001\Software\SecuROM\License information*]
"datasecu"=hex:f7,09,99,6b,7a,ed,54,1e,ac,ed,8e,e3,d3,bc,40,0a,88,0d,4a,73,a7,
96,7b,ed,83,eb,64,24,3c,3d,08,87,f6,d1,e9,7a,80,46,32,72,e4,47,5c,0d,be,d4,\
"rkeysecu"=hex:37,56,83,d6,ff,0d,77,ec,21,b3,9b,7d,bb,45,09,08
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-10 12:41:19 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-10 17:41
ComboFix2.txt 2012-11-09 02:20
.
Pre-Run: 90,164,252,672 bytes free
Post-Run: 89,978,060,800 bytes free
.
- - End Of File - - 8B774F71E7E86363C4684357398434E2

#12
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Combofix removed a lot of files. Things are looking good :)

Please update your Malwarebytes and do a Quick Scan. Remove all findings and post the log it gives you here.

#13
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Troks,

Did you manage to run Malwarebytes?

#14
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.