Re-done scan OTL as suggested. [Closed]


  • This topic is locked

#1
VictoriaSquirrel

  • Member
  • 11 posts
Hello. I hope there is help out there? I am told I have infected my friend's computer via a memory stick I gave her. She had a technician out, so I know it is true. My computer is having severe problems. It keeps "cutting out" (like it is unplugged), I often get the black screen, the internet (today) keeps dropping, also this morning it took a lot of starting: no sign of life for a long time. Totally unstable. I have done CHKDSK, I have checked the memory - all no problems. I have just done a Hijack This scan, which I attach, as I do not understand it. Quite often it tells me that "Google/Explorer cannot find this app" - e.g. Mail. I usually disconnect internet and try again.

I am using Windows Vista Home Premium. My AV (up to date) is AVG, I have done many scans: CCleaner, Malwarebytes etc. but can find nothing. Also I have scanned the memory stick. Internet is via a dongle key Vodafone Italy.

I would appreciate any help you can give, to keep this computer in business. Thanks. VS

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:58:42, on 18/11/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Users\LUKILADY\Desktop\clean\HijackThis.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Vodafone Mobile Broadband Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8499 bytes


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, HijackThis no longer gives sufficient data.

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe (4.5 MB) to your desktop.
Double click the aswMBR.exe to run it. Click the "Scan" button to start the scan.


On completion of the scan, click Save log, save it to your desktop and post it in your next reply.

#3
VictoriaSquirrel

  • Topic Starter
  • Member
  • 11 posts
Hello again, and thanks for your reply Essexboy. I have now done the scan as suggested with OTL. Hopefully this is attached. Please refer to the post a few posts down from this one. Hope you can help, and very many thanks. VS

scans:

OTL logfile created on: 18/11/2012 16:39:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\LUKILADY\Documents\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.69 Gb Available Physical Memory | 34.76% Memory free
4.23 Gb Paging File | 2.84 Gb Available in Paging File | 67.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69.78 Gb Total Space | 9.03 Gb Free Space | 12.93% Space Free | Partition Type: NTFS
Drive D: | 69.51 Gb Total Space | 43.85 Gb Free Space | 63.08% Space Free | Partition Type: NTFS
Drive F: | 983.22 Mb Total Space | 18.61 Mb Free Space | 1.89% Space Free | Partition Type: FAT
Drive G: | 40.37 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FREESPIRIT-VS | User Name: LUKILADY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/18 16:09:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LUKILADY\Documents\Downloads\OTL.exe
PRC - [2012/11/17 09:54:59 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/10/02 11:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/08/21 04:32:24 | 000,224,960 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2012/08/01 03:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/10/14 07:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/10/14 07:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/09/09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 15:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/08 15:44:16 | 000,008,704 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2010/09/08 15:44:12 | 000,272,384 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
PRC - [2009/05/14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2007/04/24 19:17:34 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/02/07 08:04:26 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/01/31 18:18:42 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/01/02 17:33:24 | 000,135,168 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2006/12/29 04:07:22 | 000,126,976 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2006/12/22 22:43:18 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/18 15:56:46 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012/11/18 15:56:17 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
MOD - [2012/11/18 15:55:14 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
MOD - [2012/11/18 15:55:05 | 010,683,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\2e4fdf9504741254b2f3dcca3fedb057\System.Design.ni.dll
MOD - [2012/11/18 15:54:26 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll
MOD - [2012/11/18 15:53:00 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012/11/18 15:52:05 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012/09/14 18:17:42 | 000,054,768 | ---- | M] () -- C:\Users\LUKILADY\AppData\Local\assembly\dl3\56EJHZDX.8CC\4G2EPON5.QWJ\1a52b42e\00ce9d15_99cbcc01\Google.Connect.Plugin.resources.DLL
MOD - [2012/09/14 18:17:37 | 000,955,888 | ---- | M] () -- C:\Users\LUKILADY\AppData\Local\assembly\dl3\56EJHZDX.8CC\4G2EPON5.QWJ\d905fe8a\00df8008_99cbcc01\Interop.Excel.DLL
MOD - [2012/09/14 18:17:37 | 000,210,416 | ---- | M] () -- C:\Users\LUKILADY\AppData\Local\assembly\dl3\56EJHZDX.8CC\4G2EPON5.QWJ\408dbffc\00b24f07_99cbcc01\Interop.PowerPoint.DLL
MOD - [2012/09/14 18:17:37 | 000,157,168 | ---- | M] () -- C:\Users\LUKILADY\AppData\Local\assembly\dl3\56EJHZDX.8CC\4G2EPON5.QWJ\480670fd\000cb209_99cbcc01\Interop.Office.DLL
MOD - [2012/09/14 18:17:36 | 000,501,232 | ---- | M] () -- C:\Users\LUKILADY\AppData\Local\assembly\dl3\56EJHZDX.8CC\4G2EPON5.QWJ\8005ac74\000cb209_99cbcc01\Interop.Word.DLL
MOD - [2012/09/14 18:17:36 | 000,140,272 | ---- | M] () -- C:\Users\LUKILADY\AppData\Local\assembly\dl3\56EJHZDX.8CC\4G2EPON5.QWJ\e9fb2f2b\00b24f07_99cbcc01\protobuf-net.DLL
MOD - [2012/04/23 12:01:12 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/03/22 12:02:38 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/01/05 11:58:56 | 000,472,560 | ---- | M] () -- C:\Program Files\Google\Connect\Office\2.0\adxloader.dll
MOD - [2011/12/18 17:03:43 | 000,870,256 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010/03/04 13:53:19 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
MOD - [2009/04/11 07:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/03/30 05:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009/03/30 05:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009/03/30 05:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 05:42:19 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2009/03/30 05:42:18 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2009/03/30 05:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/03/30 05:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009/03/30 05:42:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/03/30 05:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2007/03/23 03:43:51 | 000,004,608 | ---- | M] () -- C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\Extensibility.dll


========== Services (SafeList) ==========

SRV - [2012/11/17 09:54:59 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/10/02 11:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/08/21 04:32:24 | 000,224,960 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV - [2012/08/16 21:16:59 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/10/14 07:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 07:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/08 15:44:16 | 000,008,704 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2009/05/14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/24 19:17:34 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/02/07 08:04:26 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/01/31 18:18:42 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/01/02 17:33:24 | 000,135,168 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2006/12/29 04:07:22 | 000,126,976 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2006/12/22 22:43:18 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/08/21 04:33:27 | 000,016,064 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pssnap.sys -- (pssnap)
DRV - [2012/08/21 04:33:19 | 000,053,952 | ---- | M] (Macrium Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psmounter.sys -- (PSMounter)
DRV - [2012/01/26 14:04:11 | 000,101,720 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2012/01/05 00:01:54 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/05/27 18:05:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 05:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/08 09:23:14 | 000,113,664 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010/09/08 09:23:14 | 000,103,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/09/08 09:23:14 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2010/09/01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/01/18 18:22:30 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2008/12/08 16:21:18 | 000,110,080 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2008/12/08 16:21:18 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/12/08 16:21:18 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2008/12/08 16:21:18 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/12/08 16:21:18 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008/12/08 16:21:18 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008/11/17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2007/10/11 11:24:00 | 000,079,104 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\Windows\System32\drivers\sleen16.sys -- (SLEE_16_DRIVER)
DRV - [2007/08/21 09:13:03 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2007/07/02 23:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007/02/24 23:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2006/12/27 02:57:12 | 000,817,968 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607)
DRV - [2006/12/20 06:50:00 | 004,448,160 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006/12/07 18:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006/11/02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/10/25 07:36:48 | 000,042,240 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/10/25 07:36:44 | 000,076,928 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006/10/25 07:36:36 | 000,062,208 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006/10/18 23:44:30 | 000,031,232 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smscirda.sys -- (SMSCIRDA)
DRV - [2006/10/02 11:38:48 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)
DRV - [2006/08/05 01:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/11/24 12:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt73.sys -- (RT73)
DRV - [2005/06/01 01:11:24 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2001/10/02 23:47:28 | 000,051,072 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EUSBMSD.SYS -- (EUSBMSD)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2462170

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\LUKILADY\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...er=6&ar=msnhome
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - No CLSID value found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{DF726A2B-0B8B-49A5-A9B3-FC27CFD8E33B}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{E17B4A14-ACE0-4962-836F-64AA66A9490B}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\..\SearchScopes\{E3C61CA2-C147-44BA-BDF6-66B9F1C7E7E2}: "URL" = http://www.google.co...&rlz=1I7IRFD_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.60401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/23 11:55:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/09/18 12:57:20 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://uk.msn.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...utputEncoding?}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://uk.msn.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.60401.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Google Translate = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.3.8_0\
CHR - Extension: Google Drive = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: aToDo = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\biifddgekpaapdngnnejkhfgifkiiadd\1.2.2_0\
CHR - Extension: Guinness World Records - Record Player = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\capanopkcpoomknfiopjknnacehffjdh\1.2_0\
CHR - Extension: Adblock Plus = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
CHR - Extension: Red Fox Snow Theme = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgaadipmojdihomphfmjphmelinpdalg\1.0.2_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\
CHR - Extension: Screen Capture (by Google) = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.5_0\
CHR - Extension: Learn Italian - Molto Bene = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\dadgddaepklpemjojmnhgdjmmkmefihe\1.46_0\
CHR - Extension: Gmail Offline = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: Box - 5 GB Free Storage = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.1.6_0\
CHR - Extension: Skype Click to Call = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: Quick Note = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.2_0\
CHR - Extension: SkyDrive = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk\1.0.3_0\
CHR - Extension: Todo.ly = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap\2_0\
CHR - Extension: Hotmail = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge\1.0.1_0\
CHR - Extension: Send from Gmail (by Google) = C:\Users\LUKILADY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc\1.13_0\

O1 HOSTS File: ([2011/08/13 09:42:01 | 000,434,016 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 14940 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000064 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000065 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000066 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000067 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.224.66.134 83.224.70.93
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DA3D306-AB23-420A-A3CF-C359C474E8EF}: DhcpNameServer = 83.224.66.138 83.224.70.94
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1501D3BB-AD63-4944-90A3-3128B19901B2}: DhcpNameServer = 83.224.70.62 83.224.70.78
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DA22614-4656-4BEF-B632-DEB0A991D15A}: DhcpNameServer = 83.224.66.134 83.224.70.93
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4629F604-A9BC-4376-9BA4-6B9C0D742A54}: DhcpNameServer = 83.224.70.54 83.224.70.77
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A463D6C0-9234-45A7-893E-565E34B4C818}: DhcpNameServer = 83.224.70.54 83.224.70.77
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7FC7C16-3588-4F39-81FE-745A5B05D427}: DhcpNameServer = 83.224.66.138 83.224.70.94
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\avgsecuritytoolbar - No CLSID value found
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\LUKILADY\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\LUKILADY\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/09/13 19:09:13 | 000,000,122 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0d80f264-0da2-11e0-9b9b-0016d4d7d7af}\Shell - "" = AutoRun
O33 - MountPoints2\{0f2a2928-cee0-11e0-bcd8-001e101f79c9}\Shell - "" = AutoRun
O33 - MountPoints2\{0f2a2928-cee0-11e0-bcd8-001e101f79c9}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{2544c0fb-a9ee-11e0-b05a-001e101f06ab}\Shell - "" = AutoRun
O33 - MountPoints2\{26f1679d-bea9-11e0-b84c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{26f1679d-bea9-11e0-b84c-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe -- [2010/09/08 15:54:25 | 000,274,432 | R--- | M] (Vodafone)
O33 - MountPoints2\{26f167ec-bea9-11e0-b84c-001e101f36d9}\Shell - "" = AutoRun
O33 - MountPoints2\{26f167ec-bea9-11e0-b84c-001e101f36d9}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{2fde86b2-aa62-11e0-b006-001e101fe5e1}\Shell - "" = AutoRun
O33 - MountPoints2\{2fde86b2-aa62-11e0-b006-001e101fe5e1}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{3b3865c2-015e-11e0-949f-001e101f1ed9}\Shell - "" = AutoRun
O33 - MountPoints2\{3d196361-1869-11e1-84d6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{41fd9f24-b9b8-11e0-963a-001e101f82a0}\Shell - "" = AutoRun
O33 - MountPoints2\{41fd9f8a-b9b8-11e0-963a-001e101f36d9}\Shell - "" = AutoRun
O33 - MountPoints2\{6a1c7160-22d4-11df-ba14-0016d4d7d7af}\Shell - "" = AutoRun
O33 - MountPoints2\{6a1c718a-22d4-11df-ba14-0016d4d7d7af}\Shell - "" = AutoRun
O33 - MountPoints2\{8785a25e-beb3-11e0-a21c-001e101f0e9d}\Shell - "" = AutoRun
O33 - MountPoints2\{8785a25e-beb3-11e0-a21c-001e101f0e9d}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{8c62ea3b-ac5c-11e0-9d67-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{994b2bbf-a6f7-11df-9884-001e101f7f74}\Shell - "" = AutoRun
O33 - MountPoints2\{ab1e4670-c2ad-11e1-8ab9-f30e1fca76d1}\Shell - "" = AutoRun
O33 - MountPoints2\{b48a487c-a445-11df-a233-0016d4d7d7af}\Shell - "" = AutoRun
O33 - MountPoints2\{b48a4899-a445-11df-a233-001e101f63cf}\Shell - "" = AutoRun
O33 - MountPoints2\{b48a48cd-a445-11df-a233-001e101f8c05}\Shell - "" = AutoRun
O33 - MountPoints2\{c2f9ecbf-125d-11e0-ad31-001e101fb681}\Shell - "" = AutoRun
O33 - MountPoints2\{c465112d-ae81-11df-8f8d-001e101fb45e}\Shell - "" = AutoRun
O33 - MountPoints2\{c642c4aa-1392-11e0-a5d0-001e101f82a7}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe -- [2010/09/08 15:54:25 | 000,274,432 | R--- | M] (Vodafone)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/18 14:25:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/11/18 14:12:19 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/11/18 14:12:17 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/11/18 14:12:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/11/18 14:12:17 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/11/18 14:12:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/11/18 14:12:15 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/11/18 14:12:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/11/18 14:12:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/11/17 10:40:03 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/11/17 09:58:03 | 000,000,000 | ---D | C] -- C:\Program Files\MALWAREBYTES ANTI-MALWARE
[2012/11/17 09:50:05 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012/11/17 09:48:42 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/11/16 21:22:18 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/11/16 21:17:29 | 000,000,000 | ---D | C] -- C:\Windows\Registration
[2012/11/16 17:20:09 | 000,000,000 | ---D | C] -- C:\Users\LUKILADY\AppData\Local\{FB737772-6E73-471D-8E3F-413068387220}
[2012/11/16 09:48:55 | 000,000,000 | ---D | C] -- C:\Users\LUKILADY\Downloads
[2012/11/15 12:05:01 | 000,000,000 | ---D | C] -- C:\Users\LUKILADY\Documents\Speccy
[2012/11/15 12:03:45 | 000,000,000 | ---D | C] -- C:\Users\LUKILADY\Documents\Amazon
[2012/11/08 17:43:39 | 000,000,000 | ---D | C] -- C:\Users\LUKILADY\AppData\Local\{C8269988-1C95-4886-8A2D-4D1C6D299B84}
[2012/11/05 10:39:47 | 000,000,000 | ---D | C] -- C:\ImportReports
[2012/11/05 10:39:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8846882E-9E7D-4C3B-B1C1-B545384346FE}
[2012/11/05 10:31:51 | 000,514,536 | ---- | C] (Transparent Language) -- C:\Users\LUKILADY\Desktop\BYKIDownloaderPC.exe
[2012/10/31 17:23:44 | 000,000,000 | ---D | C] -- C:\Users\LUKILADY\Desktop\Italian class work
[2012/10/31 10:03:45 | 000,000,000 | ---D | C] -- C:\Users\LUKILADY\AppData\Local\{9891FE9D-E20B-406B-8852-38A96A5CE885}
[2012/10/30 16:00:20 | 000,000,000 | ---D | C] -- C:\Users\LUKILADY\AppData\Local\{1F5BE633-65E7-4A06-B4E4-789A91DB5C25}
[9 C:\Users\LUKILADY\Desktop\*.tmp files -> C:\Users\LUKILADY\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/18 15:56:25 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/11/18 15:56:25 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/11/18 15:52:57 | 000,013,166 | ---- | M] () -- C:\Users\LUKILADY\AppData\Roaming\nvModes.001
[2012/11/18 15:49:09 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/18 15:49:07 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/18 15:48:17 | 000,337,280 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/11/18 15:47:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/18 14:41:15 | 000,043,006 | ---- | M] () -- C:\Users\LUKILADY\Desktop\Untitled.png
[2012/11/18 14:40:55 | 000,034,238 | ---- | M] () -- C:\Users\LUKILADY\Desktop\PS_Hijack This info.png
[2012/11/17 09:58:15 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/16 16:27:06 | 000,000,638 | ---- | M] () -- C:\Users\LUKILADY\Desktop\Scan-Giti.csv
[2012/11/16 16:18:52 | 000,013,166 | ---- | M] () -- C:\Users\LUKILADY\AppData\Roaming\nvModes.dat
[2012/11/11 11:08:19 | 000,000,961 | ---- | M] () -- C:\Users\LUKILADY\Documents\Documenttrtans.rtf
[2012/11/10 10:57:11 | 000,319,631 | ---- | M] () -- C:\Users\LUKILADY\Documents\Slimming_Orlistat.png
[2012/11/08 17:42:31 | 000,709,337 | ---- | M] () -- C:\Users\LUKILADY\Desktop\img028.jpg
[2012/11/06 10:12:09 | 002,100,736 | ---- | M] () -- C:\Users\LUKILADY\Documents\BTH_Miracle_ foods_report.pdf
[2012/11/05 10:39:00 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\Byki 4 Express.lnk
[2012/11/05 10:31:51 | 000,514,536 | ---- | M] (Transparent Language) -- C:\Users\LUKILADY\Desktop\BYKIDownloaderPC.exe
[2012/11/02 19:06:00 | 000,150,376 | ---- | M] () -- C:\Users\LUKILADY\Desktop\Vodafone - Recapito Elettronico Fattura nr. AC15120208.zip.pdf
[2012/11/02 18:57:23 | 000,001,247 | ---- | M] () -- C:\Users\LUKILADY\Documents\trans_Vod.2.11.2012..rtf
[2012/11/01 16:21:36 | 000,002,543 | ---- | M] () -- C:\Users\LUKILADY\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office OneNote 2007.lnk
[2012/10/31 20:06:42 | 000,142,336 | ---- | M] () -- C:\Users\LUKILADY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/26 14:19:55 | 000,000,345 | ---- | M] () -- C:\Users\LUKILADY\Desktop\tv man sr.rtf
[2012/10/26 14:18:12 | 000,000,533 | ---- | M] () -- C:\Users\LUKILADY\Documents\tv man.rtf
[2012/10/26 13:41:52 | 000,001,976 | ---- | M] () -- C:\Users\LUKILADY\Documents\cc_20121026_144140.reg
[2012/10/20 20:20:48 | 000,000,249 | ---- | M] () -- C:\Users\LUKILADY\Desktop\wise words-idiot.rtf
[9 C:\Users\LUKILADY\Desktop\*.tmp files -> C:\Users\LUKILADY\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/18 14:41:10 | 000,043,006 | ---- | C] () -- C:\Users\LUKILADY\Desktop\Untitled.png
[2012/11/18 14:40:50 | 000,034,238 | ---- | C] () -- C:\Users\LUKILADY\Desktop\PS_Hijack This info.png
[2012/11/17 09:58:15 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/16 16:27:05 | 000,000,638 | ---- | C] () -- C:\Users\LUKILADY\Desktop\Scan-Giti.csv
[2012/11/11 14:46:08 | 002,100,736 | ---- | C] () -- C:\Users\LUKILADY\Documents\BTH_Miracle_ foods_report.pdf
[2012/11/11 10:58:43 | 000,000,961 | ---- | C] () -- C:\Users\LUKILADY\Documents\Documenttrtans.rtf
[2012/11/10 10:57:08 | 000,319,631 | ---- | C] () -- C:\Users\LUKILADY\Documents\Slimming_Orlistat.png
[2012/11/08 17:42:29 | 000,709,337 | ---- | C] () -- C:\Users\LUKILADY\Desktop\img028.jpg
[2012/11/05 10:39:00 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\Byki 4 Express.lnk
[2012/11/02 19:05:59 | 000,150,376 | ---- | C] () -- C:\Users\LUKILADY\Desktop\Vodafone - Recapito Elettronico Fattura nr. AC15120208.zip.pdf
[2012/11/02 18:57:23 | 000,001,247 | ---- | C] () -- C:\Users\LUKILADY\Documents\trans_Vod.2.11.2012..rtf
[2012/10/26 14:19:55 | 000,000,345 | ---- | C] () -- C:\Users\LUKILADY\Desktop\tv man sr.rtf
[2012/10/26 14:18:12 | 000,000,533 | ---- | C] () -- C:\Users\LUKILADY\Documents\tv man.rtf
[2012/10/26 13:41:43 | 000,001,976 | ---- | C] () -- C:\Users\LUKILADY\Documents\cc_20121026_144140.reg
[2012/10/20 20:20:48 | 000,000,249 | ---- | C] () -- C:\Users\LUKILADY\Desktop\wise words-idiot.rtf
[2012/09/27 14:59:22 | 000,012,682 | ---- | C] () -- C:\Users\LUKILADY\nvraid.cat
[2012/08/22 16:25:30 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/04/14 16:40:00 | 000,000,021 | ---- | C] () -- C:\Windows\preview.ini
[2012/02/05 12:42:18 | 000,000,000 | ---- | C] () -- C:\Users\LUKILADY\AppData\Roaming\downloads.m3u
[2012/02/05 12:33:53 | 000,000,134 | ---- | C] () -- C:\Users\LUKILADY\AppData\Roaming\default.rss
[2012/02/05 12:18:28 | 000,000,193 | ---- | C] () -- C:\Users\LUKILADY\AppData\Roaming\SamsungLiveUpdateConfig.ini
[2012/02/04 16:58:35 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/02/04 16:58:35 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/10/24 11:41:30 | 000,000,000 | ---- | C] () -- C:\Users\LUKILADY\AppData\Local\{7A041B1C-D2B5-4688-80FD-306FB0227155}
[2011/10/10 15:41:56 | 000,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2011/05/31 19:57:58 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/05/31 19:57:58 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/03/06 14:26:01 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2010/12/23 11:23:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/08 10:07:40 | 000,159,464 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2010/08/07 08:36:35 | 000,000,104 | ---- | C] () -- C:\Users\LUKILADY\Computer - Shortcut.lnk
[2010/07/20 08:19:40 | 000,035,044 | ---- | C] () -- C:\Users\LUKILADY\ChopinScript.otf
[2010/06/15 20:39:33 | 000,007,484 | ---- | C] () -- C:\Users\LUKILADY\AppData\Local\d3d9caps.dat
[2010/02/04 15:11:29 | 000,142,336 | ---- | C] () -- C:\Users\LUKILADY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/25 09:46:16 | 000,019,334 | ---- | C] () -- C:\Users\LUKILADY\AppData\Roaming\wklnhst.dat
[2010/01/22 18:56:03 | 000,013,166 | ---- | C] () -- C:\Users\LUKILADY\AppData\Roaming\nvModes.001
[2010/01/22 18:55:58 | 000,013,166 | ---- | C] () -- C:\Users\LUKILADY\AppData\Roaming\nvModes.dat

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Files - Unicode (All) ==========
[2011/03/07 12:45:44 | 000,000,017 | ---- | M] ()(C:\Windows\System32\??) -- C:\Windows\System32\నƭ
[2011/03/07 12:45:44 | 000,000,017 | ---- | C] ()(C:\Windows\System32\??) -- C:\Windows\System32\నƭ

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:CDEBE8F6
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >
-----------
OTL Extras logfile created on: 18/11/2012 16:39:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\LUKILADY\Documents\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.69 Gb Available Physical Memory | 34.76% Memory free
4.23 Gb Paging File | 2.84 Gb Available in Paging File | 67.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69.78 Gb Total Space | 9.03 Gb Free Space | 12.93% Space Free | Partition Type: NTFS
Drive D: | 69.51 Gb Total Space | 43.85 Gb Free Space | 63.08% Space Free | Partition Type: NTFS
Drive F: | 983.22 Mb Total Space | 18.61 Mb Free Space | 1.89% Space Free | Partition Type: FAT
Drive G: | 40.37 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FREESPIRIT-VS | User Name: LUKILADY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu -- (Acer Inc.)
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption -- (HiTRUST)
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption -- (HiTRUST)
"C:\Acer\Empowering Technology\eDataSecurity\eDSrf.exe" = C:\Acer\Empowering Technology\eDataSecurity\eDSrf.exe:*:Enabled:eDSrf -- (HITRUST)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service
"C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe:*:Enabled:Spybot-S&D 2 Firewall service
"C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe:*:Enabled:Spybot-S&D 2 On-Access monitor service
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{146EC89D-BD26-47A1-8FB7-3CECA63E38C3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{35C59E58-C88C-46C2-8CA7-83E01A7D9D97}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{41DEECE4-3522-46A3-9017-C754E1E3013E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5159581F-C85C-4965-9955-90511C68BC6D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{6EA1D985-482D-47EB-ADC9-C1D1D3C4DE88}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9AED41BB-E244-43DD-8FA7-8D9511A9EBEE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{ACB17EE0-9383-40B8-9683-3FDFA4C8F4C9}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{CAD7844B-F7FD-485E-B21E-916B4A44AF9D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{CFA780D2-E8FC-4FCB-AD03-E353BA99B287}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{D180E4AB-F36F-4BD1-AC9A-73E7F20AAD58}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D6D4AE18-B355-4AB3-BB54-AA8605AD4DB7}" = lport=3390 | protocol=6 | dir=in | app=system |
"{D809B449-E69D-4BFB-9709-D1787E392873}" = rport=10244 | protocol=6 | dir=out | app=system |
"{DC62FBAB-BEB5-4A1A-96E5-60E6A50A4C54}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{EB23A438-34AA-421A-9DCA-EF88193764AF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{F2735B7C-6422-40CF-A939-9155CF8CE0A2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F4362002-C350-4393-82B2-EEBDF30DC0A6}" = lport=10244 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06E4E7C9-83C7-451B-8977-D9F08D8A8852}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{077F7CFD-C42C-48BD-8694-85220A946E6D}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{11DD5610-7F84-4770-A11A-1AF76F2A8032}" = protocol=17 | dir=in | app=c:\program files\superantispyware\superantispyware.exe |
"{232239AE-5E99-4965-B3FE-BED27F2E2A4B}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{28FDF932-13D4-4D6C-9F05-C3BFA5E5B4E1}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{2BC00C2F-9FA2-4CAA-8075-D20669CAD05D}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{4466BA0C-A84B-47F4-BCA1-8C08F67C08D0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{570D6EE3-4C0F-4EC8-BEF5-882CC719710D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{5B63EF1A-2B85-492F-9CDE-6AE162F16802}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{61581752-3445-43AB-8C6B-5F9DDC3A1B61}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{62DE2C39-124E-45D9-9A1D-0B6CC6C79F70}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{651E73DE-ACD8-4B9A-99EB-B4680B2942AB}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{718DEC6E-AAC9-462A-ACD2-6017C27C9A48}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{7B0EF680-E556-4D19-A49C-67E52E31024D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{7B1FEE43-18F8-4C18-8AE6-8A8839ADB214}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{82BA22E3-BD76-42FD-91FB-76411FC6990F}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{87ED2D28-7749-4938-9D1D-163220FFAF8E}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{88AD90B5-3C66-4CD3-A62E-38FCEECCD041}" = protocol=6 | dir=out | app=system |
"{8BB7057D-C989-45F3-979C-09297184A9AC}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
"{9107BB8F-063E-4109-AC98-782CAA718CEC}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{9636CFBA-B7CD-41E8-B11E-4808ED4AA52F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{96ACAEC8-1283-4276-89EC-96D0254ED7B7}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{9B9186CD-8F9A-40E7-959B-40A64227ED7F}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{A427CCFD-2D8D-4D93-BDAA-F8ADF96667C6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A82ABF6C-BA92-4F90-83B4-DC28405F93B6}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{B1837B59-142C-4525-816A-092828568DF5}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{B4C87850-6C9C-44DB-9A75-2F098B2ED6D9}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{C5A7F907-5C83-4942-A886-C95B5327A98B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8B62EE6-FFFD-42E9-BC3C-12FADE486B94}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{F0484873-3879-456C-A434-2E39E03AE6F7}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{F219D296-C87A-4618-BA58-48C272888BBB}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{F6871E12-29F4-40D0-9F2C-EF3DABD1E397}" = protocol=6 | dir=in | app=c:\program files\superantispyware\superantispyware.exe |
"{F7EF4A59-A912-4BDB-BD2C-73B610C4410F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"TCP Query User{37F21DD2-72A4-48DC-90CD-6BA71F0FC80C}C:\program files\musicbrainz picard\picard.exe" = protocol=6 | dir=in | app=c:\program files\musicbrainz picard\picard.exe |
"TCP Query User{4F86E80C-2F32-466F-9188-698CFC6D4046}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{EAEF0ED8-00A1-4B75-B290-D251B0C29C57}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{52AC539A-A59E-4DBA-9DA0-55A14638CBEE}C:\program files\musicbrainz picard\picard.exe" = protocol=17 | dir=in | app=c:\program files\musicbrainz picard\picard.exe |
"UDP Query User{858FD714-BBA5-46B6-829B-A18C58D58A2D}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{EDB4DF87-3DC9-41BB-AB50-39060854E0EE}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01F6C6F6-0D5A-45D0-83DB-38AB421D0BF5}" = Steganos Safe One
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B480F9F-4D85-43CA-B189-FDF5347E427C}" = Macrium Reflect Free Edition
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{11F5D779-7BD9-465A-BBC4-10701386BCB9}" = FW LiveUpdate
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{166FCF01-AC98-4288-A01C-90BEB808C059}" = Sony RAW Driver
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.5
"{1AEC7728-1640-4E98-AABC-5EBE3FB57FE4}" = SMSC Fast Infrared Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{32A3A4F4-B792-11D6-A78A-00B0D0160290}" = Java™ SE Development Kit 6 Update 29
"{32A3A4F4-B792-11D6-A78A-00B0D0160330}" = Java™ SE Development Kit 6 Update 33
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{48165C86-E786-414F-8548-C77CEE2664DF}" = SlimComputer
"{48E80C20-00B3-11D4-AA4A-00C0580802FD}" = USB CF Reader Ver 4.2.0.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AEC24E4-373F-4E75-88DC-822E7F3E61E4}" = DiskUsageAnalyzer
"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Acer OrbiCam
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{56B777D9-9D85-4A81-BF59-1EED7401ADC4}" = Google Cloud Connect for Microsoft Office
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8810F2B7-A26B-40C1-9527-58CE2C496B21}" = USB MultiMediaCard Reader Ver 1.02 Beta 3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A41CFD3-A3F0-4501-94F2-D71661AFD6DF}" = AVG 2011
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98A24200-17D3-4F27-A3A8-02AAB25EB504}" = AVG 2011
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer OrbiCam
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF67AE1A-6B31-4C98-91A9-F195D8702150}" = Google Drive
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F02C0A8C-7409-437A-A587-588B02B3635E}" = Teaching-you Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FCCC2E29-A6E0-4588-A0DE-38678E5F7904}" = Byki
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG" = AVG 2011
"Byki Express" = Byki Express
"CassetteMate" = CassetteMate
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"EPSON Scanner" = EPSON Scan
"EPSON SX125 Series" = EPSON SX125 Series Printer Uninstall
"EPSON SX125 Series Manual" = EPSON SX125 Series Manual
"ffdshow_is1" = ffdshow v1.2.4475 [2012-07-12]
"FileHippo.com" = FileHippo.com Update Checker
"Foxit Reader_is1" = Foxit Reader
"Free Spider_is1" = Free Spider Solitaire 2012 v3.0
"Glary Utilities_is1" = Glary Utilities 2.34.0.1190
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 1.99.1
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MusicBrainz Picard" = MusicBrainz Picard
"NVIDIA Drivers" = NVIDIA Drivers
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"Semper Driver Backup_is1" = Semper Driver Backup
"Speccy" = Speccy
"SpywareBlaster_is1" = SpywareBlaster 4.6
"SugarSync" = SugarSync Manager
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.2
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 2.3d
"WinLiveSuite" = Windows Live Essentials
"ZhornStickies" = Stickies 7.0a

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"WavePad" = WavePad Sound Editor
"WinDirStat" = WinDirStat 1.1.2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16/11/2012 15:22:45 | Computer Name = FREESPIRIT-VS | Source = Windows Search Service | ID = 3058
Description =

Error - 16/11/2012 16:25:24 | Computer Name = FREESPIRIT-VS | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

Error - 16/11/2012 16:25:41 | Computer Name = FREESPIRIT-VS | Source = ESENT | ID = 455
Description = Catalog Database (1620) Catalog Database: Error -1811 occurred while
opening logfile C:\Windows\system32\CatRoot2\edb00178.log.

Error - 16/11/2012 16:25:41 | Computer Name = FREESPIRIT-VS | Source = Microsoft-Windows-CAPI2 | ID = 131329
Description =

Error - 17/11/2012 04:00:10 | Computer Name = FREESPIRIT-VS | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

Error - 17/11/2012 04:39:35 | Computer Name = FREESPIRIT-VS | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

Error - 17/11/2012 05:32:41 | Computer Name = FREESPIRIT-VS | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

Error - 31/05/2005 20:03:11 | Computer Name = FREESPIRIT-VS | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

Error - 18/11/2012 09:08:52 | Computer Name = FREESPIRIT-VS | Source = Windows Search Service | ID = 3006
Description =

Error - 18/11/2012 09:08:52 | Computer Name = FREESPIRIT-VS | Source = Windows Search Service | ID = 3007
Description =

Error - 18/11/2012 10:49:09 | Computer Name = FREESPIRIT-VS | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

[ OSession Events ]
Error - 22/08/2010 01:39:01 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 01/09/2010 10:15:09 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13/09/2010 09:10:38 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 52 seconds with 0 seconds of active time. This session ended with a crash.

Error - 26/09/2010 11:44:56 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 01/12/2010 09:29:53 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 32
seconds with 0 seconds of active time. This session ended with a crash.

Error - 14/04/2011 13:05:32 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 22 seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/07/2011 08:47:32 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 3211 seconds with 60 seconds of active time. This session ended with a crash.

Error - 24/09/2011 14:50:24 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/11/2011 06:25:48 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5548
seconds with 3780 seconds of active time. This session ended with a crash.

Error - 03/04/2012 12:48:10 | Computer Name = FREESPIRIT-VS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 18/11/2012 09:14:52 | Computer Name = FREESPIRIT-VS | Source = Service Control Manager | ID = 7000
Description =

Error - 18/11/2012 09:16:22 | Computer Name = FREESPIRIT-VS | Source = Service Control Manager | ID = 7009
Description =

Error - 18/11/2012 09:16:22 | Computer Name = FREESPIRIT-VS | Source = Service Control Manager | ID = 7000
Description =

Error - 18/11/2012 09:33:31 | Computer Name = FREESPIRIT-VS | Source = Dhcp | ID = 1002
Description = The IP address lease 109.116.175.115 for the Network Card with network
address 001E101F7FB6 has been denied by the DHCP server 109.112.142.193 (The DHCP
Server sent a DHCPNACK message).

Error - 18/11/2012 09:44:39 | Computer Name = FREESPIRIT-VS | Source = Dhcp | ID = 1002
Description = The IP address lease 109.114.82.201 for the Network Card with network
address 001E101F1F81 has been denied by the DHCP server 31.26.199.33 (The DHCP
Server sent a DHCPNACK message).

Error - 18/11/2012 10:47:55 | Computer Name = FREESPIRIT-VS | Source = EventLog | ID = 6008
Description = The previous system shutdown at 15:43:40 on 18/11/2012 was unexpected.

Error - 18/11/2012 10:49:08 | Computer Name = FREESPIRIT-VS | Source = Service Control Manager | ID = 7009
Description =

Error - 18/11/2012 10:49:08 | Computer Name = FREESPIRIT-VS | Source = Service Control Manager | ID = 7000
Description =

Error - 18/11/2012 10:50:20 | Computer Name = FREESPIRIT-VS | Source = Service Control Manager | ID = 7026
Description =

Error - 18/11/2012 10:59:14 | Computer Name = FREESPIRIT-VS | Source = Dhcp | ID = 1002
Description = The IP address lease 109.116.176.82 for the Network Card with network
address 001E101F8ED0 has been denied by the DHCP server 37.183.14.90 (The DHCP
Server sent a DHCPNACK message).


< End of report >


Edited by VictoriaSquirrel, 18 November 2012 - 11:15 AM.

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi VS, I have merged both threads. Could you keep everything in this one topic, please?

Did you manage to run AswMBR?

  • Download RogueKiller and save it on your desktop.

    NOTE: If using IE8 or better, SmartScreen Filter will need to be disabled.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan.
  • The report has been created on the desktop.

#5
VictoriaSquirrel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Dear Essexboy,

Once again thanks for your help. I hope I have got it right this time. I am having a lot of problems staying either online, or connected at all. So it is taking a very long time to achieve anything.

However, I have managed to change the firewall from Windows to the suggested Online Armor, which seems to be working well. I have done the RogueKiller scan (eventually) and give below the results.

I would add that I have noticed on my desktop many "ghost" files have appeared, which I dare not click/delete; these all have the first letter replaced with either an S or $ sign.

Over to you, and thank you.

VS
RogueKiller V8.3.0 [Nov 19 2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : LUKILADY [Admin rights]
Mode : Scan -- Date : 11/20/2012 09:50:36

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[TASK][ROGUE ST] 0 : c:\program files\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 4788 : wscript.exe C:\Users\LUKILADY\AppData\Local\Temp\launchie.vbs //B -> FOUND
[TASK][SUSP PATH] Seagate 2GHJYGRY Product Registration (Lady Carrington) : C:\Users\Lady Carrington\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GHJYGRY Product Registration.exe /remind /language=ENG /loadsrnm="2GHJYGRY" /SRNM="2GHJYGRY" /BRND="Seagate" /BDSR="Seagate 2GHJYGRY" -> FOUND
[TASK][SUSP PATH] wavepadShakeIcon : C:\Users\LUKILADY\AppData\Roaming\NCH Swift Sound\Program Files\WavePad\wavepad.exe -shakeicon -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS541616J9SA00 ATA Device +++++
--- User ---
[MBR] a7dd622b1ace2f4028d00101e16c7b1f
[BSP] de30d78ef611f293d400fe3b7fd2e558 : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 9993 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 20466810 | Size: 71453 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 166802895 | Size: 71178 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Memorex M-Flyer B USB Device +++++
--- User ---
[MBR] 2c5485f7efbf0c8108fd6778f7258c7b
[BSP] 61f9ff0001ffe9235fb038aaafe0ad3e : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 32 | Size: 983 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_11202012_02d0950.txt >>
RKreport[1]_S_11202012_02d0950.txt




#6
VictoriaSquirrel
Topic Starter
Sorry to mess you about but the second scan failed to attach. Here it is:-

VS

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-20 10:22:14
-----------------------------
10:22:14.853 OS Version: Windows 6.0.6002 Service Pack 2
10:22:14.853 Number of processors: 2 586 0xF02
10:22:14.853 ComputerName: FREESPIRIT-VS UserName: LUKILADY
10:22:41.809 Initialize success
10:23:30.922 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:23:30.922 Disk 0 Vendor: Hitachi_HTS541616J9SA00 SB4OC70P Size: 152627MB BusType: 3
10:23:30.984 Disk 0 MBR read successfully
10:23:30.984 Disk 0 MBR scan
10:23:31.000 Disk 0 unknown MBR code
10:23:31.000 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 9993 MB offset 63
10:23:31.016 Disk 0 Partition 2 80 (A) 06 FAT16 NTFS 71453 MB offset 20466810
10:23:31.031 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 71178 MB offset 166802895
10:23:31.047 Disk 0 scanning sectors +312576705
10:23:31.140 Disk 0 scanning C:\Windows\system32\drivers
10:23:40.469 Service scanning
10:23:56.007 Modules scanning
10:24:05.816 Disk 0 trace - called modules:
10:24:05.847 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys
10:24:06.206 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85729480]
10:24:06.206 3 CLASSPNP.SYS[82fdf8b3] -> nt!IofCallDriver -> [0x856494b8]
10:24:06.206 5 acpi.sys[82e916bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85649030]
10:24:06.221 Scan finished successfully
10:25:08.335 Disk 0 MBR has been saved successfully to "C:\Users\LUKILADY\Desktop\infection\MBR.dat"
10:25:08.351 The log file has been saved successfully to "C:\Users\LUKILADY\Desktop\infection\aswMBR.txt"
-------------

#7
Essexboy
GeekU Moderator
The ghost files will be re-hidden once we tidy up at the end

As it stands I can see no apparent malware on the system. What are the current problems you are experiencing?

#8
VictoriaSquirrel
Topic Starter
Hello, thanks for bearing with me....

It is constantly crashing - i.e. like losing the electricity. Sometimes I cannot start it up (yet again it looks like there is no power). I gave my friend a file on my memory stick (plugged in now and for scans) and she told me I had given her a virus - confirmed by her technician. I always try to keep my computer clean and scan daily and have AVG free and scan downloads before opening.

It is a relief to know that you have found nothing viral.

The computer was overheating, and I thought that was why it was crashing. I looked on YouTube how to clean the fan and did so, but I did not take it out of the casing. This improved by 25%. The rest of the internals looked ok, and no dust visible which surprised me. It helped, but did not cure the crashing.

Can anything be done about the CRASHING? I bought a new adapter and cable a few months ago, so I know that is ok.

Thanks again.

VS

#9
Essexboy
GeekU Moderator
OK, let's run a final confirmation that malware is not causing the crashing. Also, was the USB stick reformatted to clear anything on it?

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#10
VictoriaSquirrel
Topic Starter
Hello and thanks. Will do. Comp has crashed 4 times in 20 mins this morning. Last night Explorer kept opening windows - at one point 32, although I was using Chrome. I COULD NOT CLOSE THEM even using Task Manager, had to close computer completely. Computer was unresponsive for a long time. Then black screen a couple of times and another crash - then gave up!

It is a big problem to me as I live in Italy on a small sailboat and am attempting to cope with the demands of a solicitor, barrister and court in the UK. (Thankfully not as the defendant!).

More later.

Enjoy your weekend. You and your colleagues are doing a wonderful job for us none too savvy users.

VS

#11
Essexboy
GeekU Moderator
Were you able to run TDSSKiller?

#12
VictoriaSquirrel
Topic Starter
Hello,

I keep trying, it keeps on crashing. Yesterday I could not run it properly: "not responding". Or just crashed. Also the type keeps changing in emails. It seems to have a mind of its own! If I do not manage to get back today and I will try, I have no electricity tomorrow here. There are still ghost icons on desktop. I have not done anything with memory stick. Just left it in for the scans. What do I do?
Thanks VS

#13
Essexboy
GeekU Moderator
OK having a think about this we may need to use the USB stick for something else
Are you able to access another computer to run these ?

Download the following three programmes to your desktop :


1. WiNTBootIc
2. Windows RC
3. ListParts

Extract wintoboot to your desktop
Insert a USB drive of at least 1GB
Run Wintoboot

Drag and drop the Windows 7 ISO to the programme in the space indicated
Tick the Format box and accept the warnings
Press Do It

You will see it progressing

It will let you know when it is done
Then copy Listparts to the same USB

Insert the USB into the sick computer and start the computer, first ensuring that the system is set to boot from USB
Note: If you are not sure how to do that, follow the instructions Here

When you reboot you will see this.
Click repair my computer

Select your operating system

Select Command prompt

At the command prompt type the following :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\Listparts.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
Press Scan button.
It will make a log (results.txt) on the flash drive. Please copy and paste it to your reply.

#14
VictoriaSquirrel
Topic Starter
Hello,

I finally managed it. I could not find Cure so clicked quarantine. Is this ok?

I have just copied your last post to MS Office so will deal with that now as long as I can stay connected. I noticed you ask about another computer. Regret I only have this one available.

Thanks VS

oooooppppps! I have just had a message that the scan is too long, so have gone to do it again. I may have done something wrong. It could have duplicated as I found it problematic to copy.
Sorry.

#15
VictoriaSquirrel
Topic Starter
Hello AGAIN - success this time (I think).
I did the scan - found 16 threats - no Cure, so clicked skip,+ continue. At the end of scan - rebooted. Scanned again still 16 threats. Copied report.

Here it is: Will get on with the other instructions now. Thanks VS.

17:19:24.0259 4636 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
17:19:24.0337 4636 Irmon - ok
17:19:24.0352 4636 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:19:24.0384 4636 isapnp - ok
17:19:24.0493 4636 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:19:24.0524 4636 iScsiPrt - ok
17:19:24.0555 4636 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
17:19:24.0586 4636 iteatapi - ok
17:19:24.0618 4636 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
17:19:24.0649 4636 iteraid - ok
17:19:24.0680 4636 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:19:24.0711 4636 kbdclass - ok
17:19:24.0774 4636 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:19:24.0820 4636 kbdhid - ok
17:19:24.0914 4636 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
17:19:24.0976 4636 KeyIso - ok
17:19:25.0039 4636 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:19:25.0086 4636 KSecDD - ok
17:19:25.0132 4636 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:19:25.0195 4636 KtmRm - ok
17:19:25.0242 4636 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
17:19:25.0320 4636 LanmanServer - ok
17:19:25.0460 4636 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:19:25.0538 4636 LanmanWorkstation - ok
17:19:25.0554 4636 Lbd - ok
17:19:25.0663 4636 [ 559C9B7800FAC92FC515CD0003D7C631 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
17:19:25.0694 4636 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
17:19:25.0694 4636 LightScribeService - detected UnsignedFile.Multi.Generic (1)
17:19:25.0756 4636 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:19:25.0803 4636 lltdio - ok
17:19:25.0834 4636 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:19:25.0897 4636 lltdsvc - ok
17:19:25.0928 4636 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:19:26.0022 4636 lmhosts - ok
17:19:26.0068 4636 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:19:26.0131 4636 LSI_FC - ok
17:19:26.0146 4636 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:19:26.0178 4636 LSI_SAS - ok
17:19:26.0209 4636 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:19:26.0256 4636 LSI_SCSI - ok
17:19:26.0287 4636 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
17:19:26.0365 4636 luafv - ok
17:19:26.0412 4636 [ F0435FE3C1EC2659D2BBF073CA0752EE ] massfilter C:\Windows\system32\DRIVERS\massfilter.sys
17:19:26.0474 4636 massfilter - ok
17:19:26.0646 4636 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys
17:19:26.0708 4636 MBAMSwissArmy - ok
17:19:26.0739 4636 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:19:26.0786 4636 Mcx2Svc - ok
17:19:26.0833 4636 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
17:19:26.0848 4636 mdmxsdk ( UnsignedFile.Multi.Generic ) - warning
17:19:26.0848 4636 mdmxsdk - detected UnsignedFile.Multi.Generic (1)
17:19:26.0880 4636 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
17:19:26.0942 4636 megasas - ok
17:19:26.0989 4636 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
17:19:27.0051 4636 MMCSS - ok
17:19:27.0114 4636 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
17:19:27.0160 4636 Modem - ok
17:19:27.0192 4636 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:19:27.0270 4636 monitor - ok
17:19:27.0316 4636 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:19:27.0348 4636 mouclass - ok
17:19:27.0426 4636 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:19:27.0472 4636 mouhid - ok
17:19:27.0566 4636 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:19:27.0597 4636 MountMgr - ok
17:19:27.0660 4636 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
17:19:27.0706 4636 mpio - ok
17:19:27.0769 4636 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:19:27.0831 4636 mpsdrv - ok
17:19:27.0972 4636 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
17:19:28.0034 4636 MpsSvc - ok
17:19:28.0050 4636 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:19:28.0081 4636 Mraid35x - ok
17:19:28.0112 4636 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:19:28.0159 4636 MRxDAV - ok
17:19:28.0190 4636 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:19:28.0268 4636 mrxsmb - ok
17:19:28.0299 4636 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:19:28.0346 4636 mrxsmb10 - ok
17:19:28.0393 4636 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:19:28.0455 4636 mrxsmb20 - ok
17:19:28.0518 4636 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
17:19:28.0627 4636 msahci - ok
17:19:28.0642 4636 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:19:28.0689 4636 msdsm - ok
17:19:28.0720 4636 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
17:19:28.0845 4636 MSDTC - ok
17:19:28.0939 4636 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:19:29.0001 4636 Msfs - ok
17:19:29.0064 4636 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:19:29.0095 4636 msisadrv - ok
17:19:29.0157 4636 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:19:29.0220 4636 MSiSCSI - ok
17:19:29.0235 4636 msiserver - ok
17:19:29.0282 4636 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:19:29.0344 4636 MSKSSRV - ok
17:19:29.0407 4636 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:19:29.0469 4636 MSPCLOCK - ok
17:19:29.0500 4636 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:19:29.0547 4636 MSPQM - ok
17:19:29.0594 4636 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:19:29.0625 4636 MsRPC - ok
17:19:29.0688 4636 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:19:29.0719 4636 mssmbios - ok
17:19:29.0797 4636 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:19:29.0844 4636 MSTEE - ok
17:19:29.0890 4636 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
17:19:29.0922 4636 Mup - ok
17:19:30.0031 4636 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
17:19:30.0109 4636 napagent - ok
17:19:30.0187 4636 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:19:30.0234 4636 NativeWifiP - ok
17:19:30.0390 4636 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:19:30.0436 4636 NDIS - ok
17:19:30.0499 4636 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:19:30.0546 4636 NdisTapi - ok
17:19:30.0577 4636 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:19:30.0639 4636 Ndisuio - ok
17:19:30.0686 4636 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:19:30.0748 4636 NdisWan - ok
17:19:30.0795 4636 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:19:30.0858 4636 NDProxy - ok
17:19:30.0889 4636 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:19:30.0967 4636 NetBIOS - ok
17:19:30.0998 4636 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:19:31.0045 4636 netbt - ok
17:19:31.0107 4636 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
17:19:31.0138 4636 Netlogon - ok
17:19:31.0279 4636 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
17:19:31.0372 4636 Netman - ok
17:19:31.0404 4636 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
17:19:31.0482 4636 netprofm - ok
17:19:31.0560 4636 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:19:31.0606 4636 NetTcpPortSharing - ok
17:19:32.0028 4636 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
17:19:32.0152 4636 NETw3v32 - ok
17:19:32.0262 4636 [ 1D73499A6664B4DA05D750FF83FDB274 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
17:19:32.0418 4636 NETw4v32 - ok
17:19:32.0652 4636 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
17:19:32.0979 4636 NETw5v32 - ok
17:19:33.0057 4636 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:19:33.0088 4636 nfrd960 - ok
17:19:33.0135 4636 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:19:33.0213 4636 NlaSvc - ok
17:19:33.0260 4636 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:19:33.0291 4636 Npfs - ok
17:19:33.0338 4636 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
17:19:33.0416 4636 nsi - ok
17:19:33.0478 4636 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:19:33.0525 4636 nsiproxy - ok
17:19:33.0946 4636 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:19:34.0477 4636 Ntfs - ok
17:19:34.0586 4636 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
17:19:34.0586 4636 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
17:19:34.0586 4636 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
17:19:34.0633 4636 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:19:34.0726 4636 ntrigdigi - ok
17:19:34.0851 4636 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
17:19:34.0867 4636 NuidFltr - ok
17:19:34.0945 4636 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
17:19:35.0023 4636 Null - ok
17:19:35.0226 4636 [ DCB0F735BB78497F6076177EB7D20214 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:19:35.0772 4636 nvlddmkm - ok
17:19:35.0834 4636 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
17:19:35.0865 4636 nvraid - ok
17:19:35.0912 4636 [ ED399014A8029DE02BA5AE01DA8CC9EE ] nvrd32 C:\Windows\system32\DRIVERS\nvrd32.sys
17:19:35.0974 4636 nvrd32 - ok
17:19:36.0052 4636 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:19:36.0099 4636 nvstor - ok
17:19:36.0130 4636 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:19:36.0177 4636 nv_agp - ok
17:19:36.0193 4636 NwlnkFlt - ok
17:19:36.0193 4636 NwlnkFwd - ok
17:19:36.0442 4636 [ 1A008CBB313F7A6644B883AE1829393B ] OAcat C:\Program Files\Online Armor\OAcat.exe
17:19:36.0505 4636 OAcat - ok
17:19:36.0598 4636 [ C0BA927C3A1A62F2BF664F242D91C082 ] OADevice C:\Windows\system32\drivers\OADriver.sys
17:19:36.0661 4636 OADevice - ok
17:19:36.0676 4636 [ C968369E2BC5F6A8426C1E7D78E33F1B ] oahlpXX C:\Windows\system32\drivers\oahlp32.sys
17:19:36.0739 4636 oahlpXX - ok
17:19:36.0786 4636 [ 04E7E92CD91E61E0CC1BDF849032AD81 ] OAmon C:\Windows\system32\drivers\OAmon.sys
17:19:36.0832 4636 OAmon - ok
17:19:36.0942 4636 [ CE879EC1C02AE6434F767CD69B9ACB16 ] OAnet C:\Windows\system32\DRIVERS\oanet.sys
17:19:36.0988 4636 OAnet - ok
17:19:37.0300 4636 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:19:37.0347 4636 odserv - ok
17:19:37.0378 4636 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:19:37.0472 4636 ohci1394 - ok
17:19:37.0566 4636 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:19:37.0612 4636 ose - ok
17:19:37.0706 4636 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:19:37.0753 4636 p2pimsvc - ok
17:19:37.0784 4636 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
17:19:37.0831 4636 p2psvc - ok
17:19:37.0862 4636 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
17:19:37.0940 4636 Parport - ok
17:19:37.0971 4636 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:19:38.0002 4636 partmgr - ok
17:19:38.0049 4636 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:19:38.0127 4636 Parvdm - ok
17:19:38.0174 4636 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
17:19:38.0205 4636 PcaSvc - ok
17:19:38.0236 4636 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
17:19:38.0268 4636 pci - ok
17:19:38.0299 4636 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
17:19:38.0361 4636 pciide - ok
17:19:38.0392 4636 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:19:38.0424 4636 pcmcia - ok
17:19:38.0548 4636 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:19:38.0642 4636 PEAUTH - ok
17:19:38.0736 4636 [ 957B82EC80AD7EAD64E5E47DF6B0DC40 ] pfc C:\Windows\system32\drivers\pfc.sys
17:19:38.0782 4636 pfc ( UnsignedFile.Multi.Generic ) - warning
17:19:38.0782 4636 pfc - detected UnsignedFile.Multi.Generic (1)
17:19:39.0048 4636 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
17:19:39.0188 4636 pla - ok
17:19:39.0297 4636 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:19:39.0344 4636 PlugPlay - ok
17:19:39.0469 4636 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:19:39.0562 4636 PNRPAutoReg - ok
17:19:39.0640 4636 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:19:39.0687 4636 PNRPsvc - ok
17:19:39.0781 4636 [ 437827D69040C0C2565D47B024ED5372 ] Point32 C:\Windows\system32\DRIVERS\point32k.sys
17:19:39.0828 4636 Point32 - ok
17:19:39.0890 4636 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:19:39.0937 4636 PolicyAgent - ok
17:19:40.0015 4636 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:19:40.0062 4636 PptpMiniport - ok
17:19:40.0093 4636 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
17:19:40.0171 4636 Processor - ok
17:19:40.0280 4636 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
17:19:40.0358 4636 ProfSvc - ok
17:19:40.0374 4636 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
17:19:40.0420 4636 ProtectedStorage - ok
17:19:40.0467 4636 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:19:40.0498 4636 PSched - ok
17:19:40.0530 4636 [ C2821F33B846A52FDC25FF554ACF11F2 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
17:19:40.0592 4636 PSDFilter - ok
17:19:40.0608 4636 [ 28D3A91FE7791B970E6B15C88F98DFBD ] PSDNServ C:\Windows\system32\drivers\PSDNServ.sys
17:19:40.0670 4636 PSDNServ - ok
17:19:40.0701 4636 [ 3A66F69459052DE13EF8A0F77D728A73 ] psdvdisk C:\Windows\system32\drivers\psdvdisk.sys
17:19:40.0779 4636 psdvdisk - ok
17:19:40.0842 4636 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
17:19:40.0920 4636 PSI - ok
17:19:40.0951 4636 [ C27B8139A223DE0375ABE1613668E2C4 ] PSMounter C:\Windows\system32\drivers\psmounter.sys
17:19:41.0029 4636 PSMounter - ok
17:19:41.0060 4636 [ 3E73DCEBB518CE7A70632A884A60B1FC ] pssnap C:\Windows\system32\DRIVERS\pssnap.sys
17:19:41.0107 4636 pssnap - ok
17:19:41.0200 4636 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:19:41.0263 4636 ql2300 - ok
17:19:41.0356 4636 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:19:41.0403 4636 ql40xx - ok
17:19:41.0481 4636 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
17:19:41.0528 4636 QWAVE - ok
17:19:41.0575 4636 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:19:41.0606 4636 QWAVEdrv - ok
17:19:41.0653 4636 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:19:41.0700 4636 RasAcd - ok
17:19:41.0762 4636 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
17:19:41.0856 4636 RasAuto - ok
17:19:41.0887 4636 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:19:41.0949 4636 Rasl2tp - ok
17:19:42.0027 4636 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
17:19:42.0121 4636 RasMan - ok
17:19:42.0183 4636 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:19:42.0230 4636 RasPppoe - ok
17:19:42.0292 4636 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:19:42.0324 4636 RasSstp - ok
17:19:42.0433 4636 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:19:42.0480 4636 rdbss - ok
17:19:42.0542 4636 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:19:42.0589 4636 RDPCDD - ok
17:19:42.0698 4636 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:19:42.0776 4636 rdpdr - ok
17:19:42.0838 4636 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:19:42.0901 4636 RDPENCDD - ok
17:19:42.0948 4636 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:19:43.0041 4636 RDPWD - ok
17:19:43.0119 4636 [ C310203D2ED0CFD0AD68DB638C8DBB25 ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
17:19:43.0182 4636 ReflectService.exe - ok
17:19:43.0260 4636 [ 3FF45B7F17D5837216ABAE652CC61540 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:19:43.0275 4636 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
17:19:43.0275 4636 RegSrvc - detected UnsignedFile.Multi.Generic (1)
17:19:43.0478 4636 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:19:43.0540 4636 RemoteAccess - ok
17:19:43.0603 4636 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:19:43.0650 4636 RemoteRegistry - ok
17:19:43.0759 4636 [ C1C132455200AD4704142442C89D0FA4 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
17:19:43.0759 4636 RichVideo ( UnsignedFile.Multi.Generic ) - warning
17:19:43.0759 4636 RichVideo - detected UnsignedFile.Multi.Generic (1)
17:19:43.0821 4636 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
17:19:43.0852 4636 RpcLocator - ok
17:19:43.0899 4636 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
17:19:43.0977 4636 RpcSs - ok
17:19:44.0024 4636 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:19:44.0071 4636 rspndr - ok
17:19:44.0164 4636 [ 7436BFD3A542CF6FF55097200031B293 ] RT73 C:\Windows\system32\DRIVERS\rt73.sys
17:19:44.0274 4636 RT73 - ok
17:19:44.0336 4636 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
17:19:44.0367 4636 SamSs - ok
17:19:44.0601 4636 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:19:44.0648 4636 SASDIFSV - ok
17:19:44.0866 4636 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:19:44.0929 4636 SASKUTIL - ok
17:19:44.0991 4636 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:19:45.0100 4636 sbp2port - ok
17:19:45.0163 4636 [ 0505DA5D357F18A5D42FC5DEDE6BC9A0 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
17:19:45.0210 4636 SBRE - ok
17:19:45.0288 4636 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:19:45.0397 4636 SCardSvr - ok
17:19:46.0114 4636 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
17:19:47.0066 4636 Schedule - ok
17:19:47.0222 4636 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:19:47.0409 4636 SCPolicySvc - ok
17:19:47.0534 4636 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:19:47.0581 4636 sdbus - ok
17:19:47.0706 4636 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:19:47.0799 4636 SDRSVC - ok
17:19:47.0830 4636 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:19:47.0893 4636 secdrv - ok
17:19:47.0971 4636 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
17:19:48.0033 4636 seclogon - ok
17:19:48.0470 4636 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
17:19:48.0735 4636 Secunia PSI Agent - ok
17:19:49.0032 4636 [ 0E88FDF474F2CDD370A4A6CE77D018F0 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
17:19:49.0141 4636 Secunia Update Agent - ok
17:19:49.0234 4636 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
17:19:49.0359 4636 SENS - ok
17:19:49.0406 4636 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:19:49.0515 4636 Serenum - ok
17:19:49.0546 4636 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
17:19:49.0687 4636 Serial - ok
17:19:49.0734 4636 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:19:49.0780 4636 sermouse - ok
17:19:49.0968 4636 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
17:19:50.0092 4636 SessionEnv - ok
17:19:50.0170 4636 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:19:50.0248 4636 sffdisk - ok
17:19:50.0326 4636 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:19:50.0451 4636 sffp_mmc - ok
17:19:50.0514 4636 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:19:50.0592 4636 sffp_sd - ok
17:19:50.0638 4636 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:19:50.0732 4636 sfloppy - ok
17:19:50.0904 4636 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:19:50.0997 4636 SharedAccess - ok
17:19:51.0060 4636 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:19:51.0106 4636 ShellHWDetection - ok
17:19:51.0138 4636 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:19:51.0169 4636 sisagp - ok
17:19:51.0231 4636 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:19:51.0262 4636 SiSRaid2 - ok
17:19:51.0294 4636 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:19:51.0325 4636 SiSRaid4 - ok
17:19:51.0559 4636 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:19:51.0840 4636 Skype C2C Service - ok
17:19:52.0058 4636 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:19:52.0089 4636 SkypeUpdate - ok
17:19:52.0152 4636 [ 4723512C035A3A880DB4657705466240 ] SLEE_16_DRIVER C:\Windows\system32\drivers\Sleen16.sys
17:19:52.0214 4636 SLEE_16_DRIVER - ok
17:19:52.0635 4636 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
17:19:52.0760 4636 slsvc - ok
17:19:52.0791 4636 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:19:52.0838 4636 SLUINotify - ok
17:19:52.0916 4636 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:19:52.0963 4636 Smb - ok
17:19:52.0994 4636 [ CED16C76469BA00E2AB310857CD4C767 ] SMSCIRDA C:\Windows\system32\DRIVERS\SMSCirda.sys
17:19:53.0056 4636 SMSCIRDA - ok
17:19:53.0181 4636 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:19:53.0212 4636 SNMPTRAP - ok
17:19:53.0275 4636 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
17:19:53.0306 4636 spldr - ok
17:19:53.0353 4636 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
17:19:53.0415 4636 Spooler - ok
17:19:53.0462 4636 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:19:53.0509 4636 srv - ok
17:19:53.0602 4636 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:19:53.0743 4636 srv2 - ok
17:19:53.0805 4636 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:19:53.0946 4636 srvnet - ok
17:19:54.0024 4636 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:19:54.0226 4636 SSDPSRV - ok
17:19:54.0336 4636 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:19:54.0382 4636 SstpSvc - ok
17:19:54.0445 4636 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
17:19:54.0492 4636 stisvc - ok
17:19:54.0741 4636 [ A54B4FBC24C4EDE34BEB5F8D8974752A ] SvcOnlineArmor C:\Program Files\Online Armor\oasrv.exe
17:19:55.0162 4636 SvcOnlineArmor - ok
17:19:55.0194 4636 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:19:55.0225 4636 swenum - ok
17:19:55.0287 4636 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
17:19:55.0350 4636 swprv - ok
17:19:55.0365 4636 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:19:55.0396 4636 Symc8xx - ok
17:19:55.0428 4636 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:19:55.0474 4636 Sym_hi - ok
17:19:55.0506 4636 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:19:55.0568 4636 Sym_u3 - ok
17:19:55.0646 4636 [ F7A4250BB3E3AFCD4AF100E551509352 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:19:55.0693 4636 SynTP - ok
17:19:55.0927 4636 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
17:19:56.0005 4636 SysMain - ok
17:19:56.0083 4636 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:19:56.0208 4636 TabletInputService - ok
17:19:56.0254 4636 [ 0C3B2A9C4BD2DD9A6C2E4084314DD719 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
17:19:56.0301 4636 taphss - ok
17:19:56.0395 4636 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:19:56.0442 4636 TapiSrv - ok
17:19:56.0504 4636 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
17:19:56.0582 4636 TBS - ok
17:19:56.0660 4636 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:19:56.0785 4636 Tcpip - ok
17:19:56.0847 4636 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:19:56.0894 4636 Tcpip6 - ok
17:19:56.0988 4636 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:19:57.0034 4636 tcpipreg - ok
17:19:57.0097 4636 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:19:57.0159 4636 TDPIPE - ok
17:19:57.0190 4636 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:19:57.0268 4636 TDTCP - ok
17:19:57.0331 4636 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:19:57.0378 4636 tdx - ok
17:19:57.0424 4636 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:19:57.0456 4636 TermDD - ok
17:19:57.0596 4636 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
17:19:57.0674 4636 TermService - ok
17:19:57.0721 4636 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
17:19:57.0752 4636 Themes - ok
17:19:57.0783 4636 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
17:19:57.0830 4636 THREADORDER - ok
17:19:57.0892 4636 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
17:19:57.0939 4636 TrkWks - ok
17:19:58.0033 4636 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:19:58.0095 4636 TrustedInstaller - ok
17:19:58.0173 4636 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:19:58.0251 4636 tssecsrv - ok
17:19:58.0314 4636 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:19:58.0345 4636 tunmp - ok
17:19:58.0438 4636 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:19:58.0485 4636 tunnel - ok
17:19:58.0548 4636 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:19:58.0610 4636 uagp35 - ok
17:19:58.0657 4636 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:19:58.0704 4636 udfs - ok
17:19:58.0766 4636 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:19:58.0844 4636 UI0Detect - ok
17:19:58.0860 4636 UIUSys - ok
17:19:58.0922 4636 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:19:58.0984 4636 uliagpkx - ok
17:19:59.0016 4636 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:19:59.0078 4636 uliahci - ok
17:19:59.0109 4636 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:19:59.0140 4636 UlSata - ok
17:19:59.0172 4636 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:19:59.0203 4636 ulsata2 - ok
17:19:59.0265 4636 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:19:59.0359 4636 umbus - ok
17:19:59.0437 4636 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
17:19:59.0499 4636 upnphost - ok
17:19:59.0562 4636 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
17:19:59.0608 4636 USBAAPL - ok
17:19:59.0640 4636 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:19:59.0733 4636 usbaudio - ok
17:19:59.0764 4636 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:19:59.0827 4636 usbccgp - ok
17:19:59.0889 4636 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:19:59.0983 4636 usbcir - ok
17:20:00.0030 4636 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:20:00.0108 4636 usbehci - ok
17:20:00.0170 4636 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:20:00.0217 4636 usbhub - ok
17:20:00.0279 4636 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:20:00.0342 4636 usbohci - ok
17:20:00.0388 4636 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:20:00.0435 4636 usbprint - ok
17:20:00.0498 4636 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:20:00.0544 4636 usbscan - ok
17:20:00.0576 4636 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:20:00.0638 4636 USBSTOR - ok
17:20:00.0685 4636 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:20:00.0763 4636 usbuhci - ok
17:20:00.0841 4636 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:20:00.0919 4636 usbvideo - ok
17:20:00.0997 4636 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
17:20:01.0044 4636 UxSms - ok
17:20:01.0106 4636 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
17:20:01.0153 4636 vds - ok
17:20:01.0200 4636 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:20:01.0293 4636 vga - ok
17:20:01.0356 4636 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
17:20:01.0402 4636 VgaSave - ok
17:20:01.0449 4636 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:20:01.0480 4636 viaagp - ok
17:20:01.0512 4636 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:20:01.0590 4636 ViaC7 - ok
17:20:01.0621 4636 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
17:20:01.0652 4636 viaide - ok
17:20:01.0964 4636 [ 184F8F8C967A8455B0397944E864BAE0 ] VmbService C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
17:20:01.0980 4636 VmbService ( UnsignedFile.Multi.Generic ) - warning
17:20:01.0980 4636 VmbService - detected UnsignedFile.Multi.Generic (1)
17:20:02.0073 4636 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:20:02.0104 4636 volmgr - ok
17:20:02.0245 4636 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:20:02.0276 4636 volmgrx - ok
17:20:02.0370 4636 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:20:02.0401 4636 volsnap - ok
17:20:02.0494 4636 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:20:02.0557 4636 vsmraid - ok
17:20:02.0806 4636 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
17:20:02.0884 4636 VSS - ok
17:20:02.0962 4636 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
17:20:03.0025 4636 W32Time - ok
17:20:03.0072 4636 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:20:03.0165 4636 WacomPen - ok
17:20:03.0196 4636 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:20:03.0243 4636 Wanarp - ok
17:20:03.0259 4636 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:20:03.0306 4636 Wanarpv6 - ok
17:20:03.0446 4636 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:20:03.0555 4636 wcncsvc - ok
17:20:03.0602 4636 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:20:03.0633 4636 WcsPlugInService - ok
17:20:03.0696 4636 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
17:20:03.0758 4636 Wd - ok
17:20:03.0820 4636 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:20:03.0867 4636 Wdf01000 - ok
17:20:03.0914 4636 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:20:03.0976 4636 WdiServiceHost - ok
17:20:03.0992 4636 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:20:04.0039 4636 WdiSystemHost - ok
17:20:04.0117 4636 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
17:20:04.0195 4636 WebClient - ok
17:20:04.0257 4636 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:20:04.0335 4636 Wecsvc - ok
17:20:04.0366 4636 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:20:04.0413 4636 wercplsupport - ok
17:20:04.0460 4636 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
17:20:04.0522 4636 WerSvc - ok
17:20:04.0647 4636 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
17:20:04.0725 4636 winachsf - ok
17:20:04.0928 4636 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:20:04.0975 4636 WinDefend - ok
17:20:05.0006 4636 WinHttpAutoProxySvc - ok
17:20:05.0708 4636 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:20:05.0786 4636 Winmgmt - ok
17:20:06.0036 4636 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
17:20:06.0129 4636 WinRM - ok
17:20:06.0238 4636 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:20:06.0301 4636 Wlansvc - ok
17:20:06.0504 4636 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:20:06.0566 4636 wlcrasvc - ok
17:20:06.0784 4636 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:20:06.0847 4636 wlidsvc - ok
17:20:06.0956 4636 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:20:07.0034 4636 WmiAcpi - ok
17:20:07.0128 4636 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:20:07.0299 4636 wmiApSrv - ok
17:20:07.0705 4636 [ D4DBD5DF926A2A16F6F148559E006075 ] WMIService C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
17:20:07.0720 4636 WMIService ( UnsignedFile.Multi.Generic ) - warning
17:20:07.0720 4636 WMIService - detected UnsignedFile.Multi.Generic (1)
17:20:07.0908 4636 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:20:08.0001 4636 WMPNetworkSvc - ok
17:20:08.0079 4636 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:20:08.0142 4636 WPCSvc - ok
17:20:08.0188 4636 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:20:08.0266 4636 WPDBusEnum - ok
17:20:08.0407 4636 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:20:08.0500 4636 WPFFontCache_v0400 - ok
17:20:08.0610 4636 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:20:08.0672 4636 ws2ifsl - ok
17:20:08.0734 4636 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
17:20:08.0781 4636 wscsvc - ok
17:20:08.0797 4636 WSearch - ok
17:20:09.0078 4636 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
17:20:09.0296 4636 wuauserv - ok
17:20:09.0358 4636 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:20:09.0452 4636 WUDFRd - ok
17:20:09.0499 4636 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:20:09.0561 4636 wudfsvc - ok
17:20:09.0639 4636 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
17:20:09.0639 4636 XAudio ( UnsignedFile.Multi.Generic ) - warning
17:20:09.0639 4636 XAudio - detected UnsignedFile.Multi.Generic (1)
17:20:09.0702 4636 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
17:20:09.0733 4636 XAudioService ( UnsignedFile.Multi.Generic ) - warning
17:20:09.0733 4636 XAudioService - detected UnsignedFile.Multi.Generic (1)
17:20:09.0811 4636 [ B8B466103280E45E391E876F05122607 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
17:20:09.0858 4636 ZTEusbmdm6k - ok
17:20:09.0904 4636 [ 911BA85906BC7602C73441502ABFB565 ] ZTEusbnet C:\Windows\system32\DRIVERS\ZTEusbnet.sys
17:20:09.0951 4636 ZTEusbnet - ok
17:20:09.0982 4636 [ 69774B89725DDC4781E0EEB9809F3B20 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
17:20:10.0045 4636 ZTEusbnmea - ok
17:20:10.0107 4636 [ B8B466103280E45E391E876F05122607 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
17:20:10.0170 4636 ZTEusbser6k - ok
17:20:10.0216 4636 [ B8B466103280E45E391E876F05122607 ] ZTEusbvoice C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
17:20:10.0248 4636 ZTEusbvoice - ok
17:20:10.0450 4636 ================ Scan global ===============================
17:20:10.0497 4636 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
17:20:10.0544 4636 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
17:20:10.0575 4636 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
17:20:10.0669 4636 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
17:20:10.0684 4636 [Global] - ok
17:20:10.0684 4636 ================ Scan MBR ==================================
17:20:10.0716 4636 [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk0\DR0
17:20:14.0132 4636 \Device\Harddisk0\DR0 - ok
17:20:14.0132 4636 ================ Scan VBR ==================================
17:20:14.0163 4636 [ 954B982BAD1DEA35BB6780C0A78FE4B9 ] \Device\Harddisk0\DR0\Partition1
17:20:14.0163 4636 \Device\Harddisk0\DR0\Partition1 - ok
17:20:14.0194 4636 [ FCA3D140B67070A0E61DBA203DD331A9 ] \Device\Harddisk0\DR0\Partition2
17:20:14.0226 4636 \Device\Harddisk0\DR0\Partition2 - ok
17:20:14.0226 4636 ============================================================
17:20:14.0226 4636 Scan finished
17:20:14.0226 4636 ============================================================
17:20:14.0241 4996 Detected object count: 16
17:20:14.0241 4996 Actual detected object count: 16
17:20:25.0863 4996 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0863 4996 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0863 4996 eNet Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0863 4996 eNet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0863 4996 eRecoveryService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0863 4996 eRecoveryService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0863 4996 eSettingsService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0863 4996 eSettingsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 HSXHWAZL ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 HSXHWAZL ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 mdmxsdk ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 mdmxsdk ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 VmbService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 VmbService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0894 4996 WMIService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0894 4996 WMIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0894 4996 XAudio ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0894 4996 XAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0894 4996 XAudioService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0894 4996 XAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:18:31.0921 2708 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:18:32.0092 2708 ============================================================
17:18:32.0092 2708 Current date / time: 2012/11/26 17:18:32.0092
17:18:32.0092 2708 SystemInfo:
17:18:32.0092 2708
17:18:32.0092 2708 OS Version: 6.0.6002 ServicePack: 2.0
17:18:32.0092 2708 Product type: Workstation
17:18:32.0092 2708 ComputerName: FREESPIRIT-VS
17:18:32.0092 2708 UserName: LUKILADY
17:18:32.0092 2708 Windows directory: C:\Windows
17:18:32.0092 2708 System windows directory: C:\Windows
17:18:32.0092 2708 Processor architecture: Intel x86
17:18:32.0092 2708 Number of processors: 2
17:18:32.0092 2708 Page size: 0x1000
17:18:32.0092 2708 Boot type: Normal boot
17:18:32.0092 2708 ============================================================
17:18:39.0315 2708 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:18:39.0331 2708 ============================================================
17:18:39.0331 2708 \Device\Harddisk0\DR0:
17:18:39.0331 2708 MBR partitions:
17:18:39.0331 2708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x6, StartLBA 0x1384C7A, BlocksNum 0x8B8E955
17:18:39.0331 2708 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9F135CF, BlocksNum 0x8B054F2
17:18:39.0331 2708 ============================================================
17:18:39.0502 2708 C: <-> \Device\Harddisk0\DR0\Partition1
17:18:39.0721 2708 D: <-> \Device\Harddisk0\DR0\Partition2
17:18:39.0721 2708 ============================================================
17:18:39.0721 2708 Initialize success
17:18:39.0721 2708 ============================================================
17:19:00.0562 4636 ============================================================
17:19:00.0562 4636 Scan started
17:19:00.0562 4636 Mode: Manual; SigCheck; TDLFS;
17:19:00.0562 4636 ============================================================
17:19:01.0920 4636 ================ Scan system memory ========================
17:19:01.0920 4636 System memory - ok
17:19:01.0920 4636 ================ Scan services =============================
17:19:02.0216 4636 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
17:19:02.0450 4636 !SASCORE - ok
17:19:02.0887 4636 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
17:19:02.0949 4636 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
17:19:03.0168 4636 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
17:19:03.0214 4636 ACPI - ok
17:19:03.0308 4636 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:19:03.0339 4636 AdobeARMservice - ok
17:19:03.0448 4636 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:19:03.0495 4636 AdobeFlashPlayerUpdateSvc - ok
17:19:03.0526 4636 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:19:03.0573 4636 adp94xx - ok
17:19:03.0604 4636 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:19:03.0651 4636 adpahci - ok
17:19:03.0714 4636 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:19:03.0745 4636 adpu160m - ok
17:19:03.0776 4636 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:19:03.0807 4636 adpu320 - ok
17:19:03.0885 4636 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:19:04.0041 4636 AeLookupSvc - ok
17:19:04.0150 4636 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
17:19:04.0213 4636 AFD - ok
17:19:04.0275 4636 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:19:04.0322 4636 agp440 - ok
17:19:04.0338 4636 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:19:04.0384 4636 aic78xx - ok
17:19:04.0431 4636 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
17:19:04.0525 4636 ALG - ok
17:19:04.0540 4636 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
17:19:04.0572 4636 aliide - ok
17:19:04.0572 4636 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:19:04.0634 4636 amdagp - ok
17:19:04.0650 4636 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
17:19:04.0681 4636 amdide - ok
17:19:04.0712 4636 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
17:19:04.0790 4636 AmdK7 - ok
17:19:04.0806 4636 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:19:04.0915 4636 AmdK8 - ok
17:19:04.0946 4636 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
17:19:05.0024 4636 Appinfo - ok
17:19:05.0289 4636 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:19:05.0336 4636 Apple Mobile Device - ok
17:19:05.0398 4636 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
17:19:05.0445 4636 arc - ok
17:19:05.0461 4636 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:19:05.0492 4636 arcsas - ok
17:19:05.0523 4636 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:19:05.0570 4636 AsyncMac - ok
17:19:05.0601 4636 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
17:19:05.0632 4636 atapi - ok
17:19:05.0773 4636 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:19:05.0866 4636 AudioEndpointBuilder - ok
17:19:06.0007 4636 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:19:06.0054 4636 Audiosrv - ok
17:19:07.0598 4636 [ 7A0F6A3E0E41425B9BA54616B482668A ] AVGIDSAgent C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
17:19:08.0082 4636 AVGIDSAgent - ok
17:19:08.0206 4636 [ 1C8D965BBCAA9EE5DEFDB54743437086 ] AVGIDSDriver C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
17:19:08.0284 4636 AVGIDSDriver - ok
17:19:08.0316 4636 [ C59C9BC3F0612BD207CCDC5D8CB9CE39 ] AVGIDSEH C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
17:19:08.0362 4636 AVGIDSEH - ok
17:19:08.0425 4636 [ C5559DE2EC66CEDE15A1664F6D183D8E ] AVGIDSFilter C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
17:19:08.0487 4636 AVGIDSFilter - ok
17:19:08.0503 4636 [ AE5E9667FA40206796D1BD5BD0427A8A ] AVGIDSShim C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
17:19:08.0565 4636 AVGIDSShim - ok
17:19:08.0659 4636 [ 4E796D3D2C3182B13B3E3B5A2AD4EF0A ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
17:19:08.0721 4636 Avgldx86 - ok
17:19:08.0752 4636 [ 5639DE66B37D02BD22DF4CF3155FBA60 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
17:19:08.0815 4636 Avgmfx86 - ok
17:19:08.0830 4636 [ D1BAF652EDA0AE70896276A1FB32C2D4 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
17:19:08.0877 4636 Avgrkx86 - ok
17:19:08.0940 4636 [ AAF0EBCAD95F2164CFFB544E00392498 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
17:19:09.0002 4636 Avgtdix - ok
17:19:09.0096 4636 [ FC2BC51120A945F7C70376495E4E7737 ] avgwd C:\Program Files\AVG\AVG10\avgwdsvc.exe
17:19:09.0158 4636 avgwd - ok
17:19:09.0205 4636 [ 8E287EB3A52FD30C999482C576F4A61B ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:19:09.0283 4636 b57nd60x - ok
17:19:09.0314 4636 [ 08015D34F6FDD0B355805BAD978497C3 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
17:19:09.0408 4636 bcm4sbxp - ok
17:19:09.0423 4636 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
17:19:09.0501 4636 Beep - ok
17:19:09.0548 4636 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
17:19:09.0595 4636 BFE - ok
17:19:09.0657 4636 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
17:19:09.0735 4636 BITS - ok
17:19:09.0751 4636 blbdrive - ok
17:19:09.0798 4636 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:19:09.0876 4636 bowser - ok
17:19:09.0907 4636 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
17:19:09.0954 4636 BrFiltLo - ok
17:19:09.0985 4636 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
17:19:10.0032 4636 BrFiltUp - ok
17:19:10.0063 4636 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
17:19:10.0110 4636 Browser - ok
17:19:10.0141 4636 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
17:19:10.0250 4636 Brserid - ok
17:19:10.0328 4636 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
17:19:10.0437 4636 BrSerWdm - ok
17:19:10.0453 4636 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
17:19:10.0531 4636 BrUsbMdm - ok
17:19:10.0546 4636 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
17:19:10.0640 4636 BrUsbSer - ok
17:19:10.0656 4636 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:19:10.0749 4636 BTHMODEM - ok
17:19:10.0812 4636 [ 5EE02E415744AB14DCB1F2EBC5EB9130 ] Cam5607 C:\Windows\system32\Drivers\BisonC07.sys
17:19:10.0905 4636 Cam5607 - ok
17:19:10.0952 4636 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:19:11.0014 4636 cdfs - ok
17:19:11.0061 4636 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:19:11.0108 4636 cdrom - ok
17:19:11.0155 4636 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
17:19:11.0233 4636 CertPropSvc - ok
17:19:11.0295 4636 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
17:19:11.0358 4636 circlass - ok
17:19:11.0420 4636 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
17:19:11.0467 4636 CLFS - ok
17:19:11.0732 4636 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:19:11.0779 4636 clr_optimization_v2.0.50727_32 - ok
17:19:11.0841 4636 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:19:11.0888 4636 clr_optimization_v4.0.30319_32 - ok
17:19:11.0919 4636 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:19:11.0982 4636 CmBatt - ok
17:19:12.0028 4636 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:19:12.0060 4636 cmdide - ok
17:19:12.0091 4636 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:19:12.0122 4636 Compbatt - ok
17:19:12.0138 4636 COMSysApp - ok
17:19:12.0169 4636 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:19:12.0184 4636 crcdisk - ok
17:19:12.0231 4636 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
17:19:12.0294 4636 Crusoe - ok
17:19:12.0372 4636 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:19:12.0590 4636 CryptSvc - ok
17:19:12.0684 4636 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:19:13.0011 4636 DcomLaunch - ok
17:19:13.0042 4636 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:19:13.0105 4636 DfsC - ok
17:19:13.0308 4636 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
17:19:13.0510 4636 DFSR - ok
17:19:13.0588 4636 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
17:19:13.0651 4636 Dhcp - ok
17:19:13.0666 4636 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
17:19:13.0713 4636 disk - ok
17:19:13.0760 4636 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:19:13.0822 4636 Dnscache - ok
17:19:13.0900 4636 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:19:14.0025 4636 dot3svc - ok
17:19:14.0072 4636 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
17:19:14.0212 4636 DPS - ok
17:19:14.0290 4636 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:19:14.0337 4636 drmkaud - ok
17:19:14.0462 4636 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:19:14.0509 4636 DXGKrnl - ok
17:19:14.0540 4636 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
17:19:14.0634 4636 E1G60 - ok
17:19:14.0712 4636 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
17:19:14.0743 4636 EapHost - ok
17:19:14.0805 4636 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
17:19:14.0836 4636 Ecache - ok
17:19:15.0086 4636 [ F87DDE13D57062DA8EBA2368667D8130 ] eDataSecurity Service C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
17:19:15.0164 4636 eDataSecurity Service - ok
17:19:15.0304 4636 [ 96BCD90ED9235A21629EFFDE5E941FB1 ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
17:19:15.0367 4636 eeCtrl - ok
17:19:15.0663 4636 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:19:15.0757 4636 ehRecvr - ok
17:19:15.0835 4636 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
17:19:15.0897 4636 ehSched - ok
17:19:15.0928 4636 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
17:19:15.0975 4636 ehstart - ok
17:19:16.0100 4636 [ 7A9E8C1BE235D0B0CA784A13FC960B6A ] eLockService C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
17:19:16.0116 4636 eLockService ( UnsignedFile.Multi.Generic ) - warning
17:19:16.0116 4636 eLockService - detected UnsignedFile.Multi.Generic (1)
17:19:16.0194 4636 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:19:16.0256 4636 elxstor - ok
17:19:16.0318 4636 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
17:19:16.0412 4636 EMDMgmt - ok
17:19:16.0443 4636 [ 1FA3F9DF8983873746FA6B72DD7E3C2C ] EMSCR C:\Windows\system32\DRIVERS\EMS7SK.sys
17:19:16.0537 4636 EMSCR - ok
17:19:16.0568 4636 [ B462C73B8B9498A8F0F895B757733698 ] eNet Service C:\Acer\Empowering Technology\eNet\eNet Service.exe
17:19:16.0568 4636 eNet Service ( UnsignedFile.Multi.Generic ) - warning
17:19:16.0568 4636 eNet Service - detected UnsignedFile.Multi.Generic (1)
17:19:16.0615 4636 [ A2580C15D2664D18C3E140C7F98B366C ] eRecoveryService C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
17:19:16.0615 4636 eRecoveryService ( UnsignedFile.Multi.Generic ) - warning
17:19:16.0615 4636 eRecoveryService - detected UnsignedFile.Multi.Generic (1)
17:19:16.0662 4636 [ 9C7487253AAD6BF61F9BC83D50E32CCC ] ESDCR C:\Windows\system32\DRIVERS\ESD7SK.sys
17:19:16.0771 4636 ESDCR - ok
17:19:16.0864 4636 [ D411B3C7005917470F5D9B9C8F48DD96 ] eSettingsService C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
17:19:16.0958 4636 eSettingsService ( UnsignedFile.Multi.Generic ) - warning
17:19:16.0958 4636 eSettingsService - detected UnsignedFile.Multi.Generic (1)
17:19:17.0036 4636 [ 99589D975DA04F8BD31F124428FCC797 ] ESMCR C:\Windows\system32\DRIVERS\ESM7SK.sys
17:19:17.0098 4636 ESMCR - ok
17:19:17.0130 4636 [ 77B0BBFBF3DE22A17922B088ACE0FFD1 ] EUSBMSD C:\Windows\system32\DRIVERS\EUSBMSD.SYS
17:19:17.0176 4636 EUSBMSD - ok
17:19:17.0239 4636 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
17:19:17.0286 4636 EventSystem - ok
17:19:17.0566 4636 [ 54B6E150BFF4A47EB0D204119D262E46 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:19:17.0598 4636 EvtEng ( UnsignedFile.Multi.Generic ) - warning
17:19:17.0598 4636 EvtEng - detected UnsignedFile.Multi.Generic (1)
17:19:17.0644 4636 [ 4B36D96340200512C7974307D0F7D8B3 ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
17:19:17.0722 4636 ewusbnet - ok
17:19:17.0738 4636 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
17:19:17.0832 4636 exfat - ok
17:19:17.0878 4636 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:19:17.0956 4636 fastfat - ok
17:19:17.0988 4636 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:19:18.0144 4636 fdc - ok
17:19:18.0206 4636 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
17:19:18.0268 4636 fdPHost - ok
17:19:18.0315 4636 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
17:19:18.0393 4636 FDResPub - ok
17:19:18.0456 4636 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:19:18.0487 4636 FileInfo - ok
17:19:18.0534 4636 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:19:18.0596 4636 Filetrace - ok
17:19:18.0627 4636 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:19:18.0690 4636 flpydisk - ok
17:19:18.0752 4636 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:19:18.0799 4636 FltMgr - ok
17:19:18.0877 4636 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
17:19:18.0955 4636 FontCache - ok
17:19:19.0064 4636 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:19:19.0111 4636 FontCache3.0.0.0 - ok
17:19:19.0126 4636 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:19:19.0251 4636 Fs_Rec - ok
17:19:19.0251 4636 FTDIBUS - ok
17:19:19.0329 4636 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:19:19.0376 4636 gagp30kx - ok
17:19:19.0470 4636 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:19:19.0501 4636 GEARAspiWDM - ok
17:19:19.0704 4636 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
17:19:19.0766 4636 gpsvc - ok
17:19:19.0922 4636 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:19:19.0953 4636 gupdate - ok
17:19:19.0969 4636 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:19:20.0000 4636 gupdatem - ok
17:19:20.0078 4636 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:19:20.0156 4636 HdAudAddService - ok
17:19:20.0187 4636 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:19:20.0250 4636 HDAudBus - ok
17:19:20.0312 4636 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:19:20.0406 4636 HidBth - ok
17:19:20.0437 4636 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
17:19:20.0530 4636 HidIr - ok
17:19:20.0577 4636 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
17:19:20.0624 4636 hidserv - ok
17:19:20.0655 4636 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:19:20.0702 4636 HidUsb - ok
17:19:20.0749 4636 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:19:20.0811 4636 hkmsvc - ok
17:19:20.0858 4636 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
17:19:20.0889 4636 HpCISSs - ok
17:19:20.0936 4636 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
17:19:20.0998 4636 HSFHWAZL - ok
17:19:21.0154 4636 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
17:19:21.0232 4636 HSF_DPV - ok
17:19:21.0264 4636 [ 7E775360ECE92156CED6ED3B1DAF6208 ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
17:19:21.0295 4636 HSXHWAZL ( UnsignedFile.Multi.Generic ) - warning
17:19:21.0310 4636 HSXHWAZL - detected UnsignedFile.Multi.Generic (1)
17:19:21.0342 4636 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:19:21.0451 4636 HTTP - ok
17:19:21.0482 4636 [ 1FC7A63148E4F2BD831DAB0DC732026D ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
17:19:21.0513 4636 hwdatacard - ok
17:19:21.0591 4636 [ A259D3619AA23D4562581067F85E2006 ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
17:19:21.0669 4636 hwusbfake - ok
17:19:21.0700 4636 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
17:19:21.0732 4636 i2omp - ok
17:19:21.0763 4636 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:19:21.0825 4636 i8042prt - ok
17:19:21.0872 4636 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
17:19:21.0934 4636 iaStorV - ok
17:19:22.0153 4636 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:19:22.0231 4636 idsvc - ok
17:19:22.0262 4636 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:19:22.0293 4636 iirsp - ok
17:19:22.0324 4636 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
17:19:22.0387 4636 IKEEXT - ok
17:19:22.0449 4636 [ 9D64201C9E5AC8D1F088762BA00FF3AB ] int15 C:\Acer\Empowering Technology\eRecovery\int15.sys
17:19:22.0527 4636 int15 - ok
17:19:22.0777 4636 [ 4A705BF2A6F7972F2F2AD8A0D8079F95 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:19:22.0917 4636 IntcAzAudAddService - ok
17:19:22.0995 4636 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
17:19:23.0011 4636 intelide - ok
17:19:23.0042 4636 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:19:23.0089 4636 intelppm - ok
17:19:23.0182 4636 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:19:23.0307 4636 IPBusEnum - ok
17:19:23.0370 4636 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:19:23.0526 4636 IpFilterDriver - ok
17:19:23.0604 4636 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:19:23.0682 4636 iphlpsvc - ok
17:19:23.0697 4636 IpInIp - ok
17:19:23.0760 4636 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
17:19:23.0838 4636 IPMIDRV - ok
17:19:23.0916 4636 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
17:19:23.0978 4636 IPNAT - ok
17:19:24.0056 4636 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
17:19:24.0150 4636 irda - ok
17:19:24.0181 4636 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:19:24.0228 4636 IRENUM - ok
17:19:24.0259 4636 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
17:19:24.0337 4636 Irmon - ok
17:19:24.0352 4636 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:19:24.0384 4636 isapnp - ok
17:19:24.0493 4636 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:19:24.0524 4636 iScsiPrt - ok
17:19:24.0555 4636 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
17:19:24.0586 4636 iteatapi - ok
17:19:24.0618 4636 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
17:19:24.0649 4636 iteraid - ok
17:19:24.0680 4636 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:19:24.0711 4636 kbdclass - ok
17:19:24.0774 4636 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:19:24.0820 4636 kbdhid - ok
17:19:24.0914 4636 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
17:19:24.0976 4636 KeyIso - ok
17:19:25.0039 4636 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:19:25.0086 4636 KSecDD - ok
17:19:25.0132 4636 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:19:25.0195 4636 KtmRm - ok
17:19:25.0242 4636 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
17:19:25.0320 4636 LanmanServer - ok
17:19:25.0460 4636 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:19:25.0538 4636 LanmanWorkstation - ok
17:19:25.0554 4636 Lbd - ok
17:19:25.0663 4636 [ 559C9B7800FAC92FC515CD0003D7C631 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
17:19:25.0694 4636 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
17:19:25.0694 4636 LightScribeService - detected UnsignedFile.Multi.Generic (1)
17:19:25.0756 4636 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:19:25.0803 4636 lltdio - ok
17:19:25.0834 4636 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:19:25.0897 4636 lltdsvc - ok
17:19:25.0928 4636 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:19:26.0022 4636 lmhosts - ok
17:19:26.0068 4636 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:19:26.0131 4636 LSI_FC - ok
17:19:26.0146 4636 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:19:26.0178 4636 LSI_SAS - ok
17:19:26.0209 4636 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:19:26.0256 4636 LSI_SCSI - ok
17:19:26.0287 4636 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
17:19:26.0365 4636 luafv - ok
17:19:26.0412 4636 [ F0435FE3C1EC2659D2BBF073CA0752EE ] massfilter C:\Windows\system32\DRIVERS\massfilter.sys
17:19:26.0474 4636 massfilter - ok
17:19:26.0646 4636 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys
17:19:26.0708 4636 MBAMSwissArmy - ok
17:19:26.0739 4636 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:19:26.0786 4636 Mcx2Svc - ok
17:19:26.0833 4636 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
17:19:26.0848 4636 mdmxsdk ( UnsignedFile.Multi.Generic ) - warning
17:19:26.0848 4636 mdmxsdk - detected UnsignedFile.Multi.Generic (1)
17:19:26.0880 4636 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
17:19:26.0942 4636 megasas - ok
17:19:26.0989 4636 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
17:19:27.0051 4636 MMCSS - ok
17:19:27.0114 4636 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
17:19:27.0160 4636 Modem - ok
17:19:27.0192 4636 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:19:27.0270 4636 monitor - ok
17:19:27.0316 4636 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:19:27.0348 4636 mouclass - ok
17:19:27.0426 4636 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:19:27.0472 4636 mouhid - ok
17:19:27.0566 4636 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:19:27.0597 4636 MountMgr - ok
17:19:27.0660 4636 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
17:19:27.0706 4636 mpio - ok
17:19:27.0769 4636 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:19:27.0831 4636 mpsdrv - ok
17:19:27.0972 4636 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
17:19:28.0034 4636 MpsSvc - ok
17:19:28.0050 4636 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:19:28.0081 4636 Mraid35x - ok
17:19:28.0112 4636 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:19:28.0159 4636 MRxDAV - ok
17:19:28.0190 4636 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:19:28.0268 4636 mrxsmb - ok
17:19:28.0299 4636 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:19:28.0346 4636 mrxsmb10 - ok
17:19:28.0393 4636 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:19:28.0455 4636 mrxsmb20 - ok
17:19:28.0518 4636 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
17:19:28.0627 4636 msahci - ok
17:19:28.0642 4636 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:19:28.0689 4636 msdsm - ok
17:19:28.0720 4636 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
17:19:28.0845 4636 MSDTC - ok
17:19:28.0939 4636 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:19:29.0001 4636 Msfs - ok
17:19:29.0064 4636 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:19:29.0095 4636 msisadrv - ok
17:19:29.0157 4636 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:19:29.0220 4636 MSiSCSI - ok
17:19:29.0235 4636 msiserver - ok
17:19:29.0282 4636 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:19:29.0344 4636 MSKSSRV - ok
17:19:29.0407 4636 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:19:29.0469 4636 MSPCLOCK - ok
17:19:29.0500 4636 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:19:29.0547 4636 MSPQM - ok
17:19:29.0594 4636 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:19:29.0625 4636 MsRPC - ok
17:19:29.0688 4636 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:19:29.0719 4636 mssmbios - ok
17:19:29.0797 4636 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:19:29.0844 4636 MSTEE - ok
17:19:29.0890 4636 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
17:19:29.0922 4636 Mup - ok
17:19:30.0031 4636 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
17:19:30.0109 4636 napagent - ok
17:19:30.0187 4636 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:19:30.0234 4636 NativeWifiP - ok
17:19:30.0390 4636 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:19:30.0436 4636 NDIS - ok
17:19:30.0499 4636 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:19:30.0546 4636 NdisTapi - ok
17:19:30.0577 4636 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:19:30.0639 4636 Ndisuio - ok
17:19:30.0686 4636 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:19:30.0748 4636 NdisWan - ok
17:19:30.0795 4636 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:19:30.0858 4636 NDProxy - ok
17:19:30.0889 4636 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:19:30.0967 4636 NetBIOS - ok
17:19:30.0998 4636 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:19:31.0045 4636 netbt - ok
17:19:31.0107 4636 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
17:19:31.0138 4636 Netlogon - ok
17:19:31.0279 4636 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
17:19:31.0372 4636 Netman - ok
17:19:31.0404 4636 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
17:19:31.0482 4636 netprofm - ok
17:19:31.0560 4636 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:19:31.0606 4636 NetTcpPortSharing - ok
17:19:32.0028 4636 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
17:19:32.0152 4636 NETw3v32 - ok
17:19:32.0262 4636 [ 1D73499A6664B4DA05D750FF83FDB274 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
17:19:32.0418 4636 NETw4v32 - ok
17:19:32.0652 4636 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
17:19:32.0979 4636 NETw5v32 - ok
17:19:33.0057 4636 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:19:33.0088 4636 nfrd960 - ok
17:19:33.0135 4636 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:19:33.0213 4636 NlaSvc - ok
17:19:33.0260 4636 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:19:33.0291 4636 Npfs - ok
17:19:33.0338 4636 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
17:19:33.0416 4636 nsi - ok
17:19:33.0478 4636 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:19:33.0525 4636 nsiproxy - ok
17:19:33.0946 4636 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:19:34.0477 4636 Ntfs - ok
17:19:34.0586 4636 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
17:19:34.0586 4636 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
17:19:34.0586 4636 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
17:19:34.0633 4636 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:19:34.0726 4636 ntrigdigi - ok
17:19:34.0851 4636 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
17:19:34.0867 4636 NuidFltr - ok
17:19:34.0945 4636 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
17:19:35.0023 4636 Null - ok
17:19:35.0226 4636 [ DCB0F735BB78497F6076177EB7D20214 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:19:35.0772 4636 nvlddmkm - ok
17:19:35.0834 4636 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
17:19:35.0865 4636 nvraid - ok
17:19:35.0912 4636 [ ED399014A8029DE02BA5AE01DA8CC9EE ] nvrd32 C:\Windows\system32\DRIVERS\nvrd32.sys
17:19:35.0974 4636 nvrd32 - ok
17:19:36.0052 4636 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:19:36.0099 4636 nvstor - ok
17:19:36.0130 4636 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:19:36.0177 4636 nv_agp - ok
17:19:36.0193 4636 NwlnkFlt - ok
17:19:36.0193 4636 NwlnkFwd - ok
17:19:36.0442 4636 [ 1A008CBB313F7A6644B883AE1829393B ] OAcat C:\Program Files\Online Armor\OAcat.exe
17:19:36.0505 4636 OAcat - ok
17:19:36.0598 4636 [ C0BA927C3A1A62F2BF664F242D91C082 ] OADevice C:\Windows\system32\drivers\OADriver.sys
17:19:36.0661 4636 OADevice - ok
17:19:36.0676 4636 [ C968369E2BC5F6A8426C1E7D78E33F1B ] oahlpXX C:\Windows\system32\drivers\oahlp32.sys
17:19:36.0739 4636 oahlpXX - ok
17:19:36.0786 4636 [ 04E7E92CD91E61E0CC1BDF849032AD81 ] OAmon C:\Windows\system32\drivers\OAmon.sys
17:19:36.0832 4636 OAmon - ok
17:19:36.0942 4636 [ CE879EC1C02AE6434F767CD69B9ACB16 ] OAnet C:\Windows\system32\DRIVERS\oanet.sys
17:19:36.0988 4636 OAnet - ok
17:19:37.0300 4636 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:19:37.0347 4636 odserv - ok
17:19:37.0378 4636 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:19:37.0472 4636 ohci1394 - ok
17:19:37.0566 4636 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:19:37.0612 4636 ose - ok
17:19:37.0706 4636 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:19:37.0753 4636 p2pimsvc - ok
17:19:37.0784 4636 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
17:19:37.0831 4636 p2psvc - ok
17:19:37.0862 4636 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
17:19:37.0940 4636 Parport - ok
17:19:37.0971 4636 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:19:38.0002 4636 partmgr - ok
17:19:38.0049 4636 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:19:38.0127 4636 Parvdm - ok
17:19:38.0174 4636 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
17:19:38.0205 4636 PcaSvc - ok
17:19:38.0236 4636 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
17:19:38.0268 4636 pci - ok
17:19:38.0299 4636 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
17:19:38.0361 4636 pciide - ok
17:19:38.0392 4636 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:19:38.0424 4636 pcmcia - ok
17:19:38.0548 4636 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:19:38.0642 4636 PEAUTH - ok
17:19:38.0736 4636 [ 957B82EC80AD7EAD64E5E47DF6B0DC40 ] pfc C:\Windows\system32\drivers\pfc.sys
17:19:38.0782 4636 pfc ( UnsignedFile.Multi.Generic ) - warning
17:19:38.0782 4636 pfc - detected UnsignedFile.Multi.Generic (1)
17:19:39.0048 4636 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
17:19:39.0188 4636 pla - ok
17:19:39.0297 4636 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:19:39.0344 4636 PlugPlay - ok
17:19:39.0469 4636 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:19:39.0562 4636 PNRPAutoReg - ok
17:19:39.0640 4636 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:19:39.0687 4636 PNRPsvc - ok
17:19:39.0781 4636 [ 437827D69040C0C2565D47B024ED5372 ] Point32 C:\Windows\system32\DRIVERS\point32k.sys
17:19:39.0828 4636 Point32 - ok
17:19:39.0890 4636 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:19:39.0937 4636 PolicyAgent - ok
17:19:40.0015 4636 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:19:40.0062 4636 PptpMiniport - ok
17:19:40.0093 4636 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
17:19:40.0171 4636 Processor - ok
17:19:40.0280 4636 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
17:19:40.0358 4636 ProfSvc - ok
17:19:40.0374 4636 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
17:19:40.0420 4636 ProtectedStorage - ok
17:19:40.0467 4636 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:19:40.0498 4636 PSched - ok
17:19:40.0530 4636 [ C2821F33B846A52FDC25FF554ACF11F2 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
17:19:40.0592 4636 PSDFilter - ok
17:19:40.0608 4636 [ 28D3A91FE7791B970E6B15C88F98DFBD ] PSDNServ C:\Windows\system32\drivers\PSDNServ.sys
17:19:40.0670 4636 PSDNServ - ok
17:19:40.0701 4636 [ 3A66F69459052DE13EF8A0F77D728A73 ] psdvdisk C:\Windows\system32\drivers\psdvdisk.sys
17:19:40.0779 4636 psdvdisk - ok
17:19:40.0842 4636 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
17:19:40.0920 4636 PSI - ok
17:19:40.0951 4636 [ C27B8139A223DE0375ABE1613668E2C4 ] PSMounter C:\Windows\system32\drivers\psmounter.sys
17:19:41.0029 4636 PSMounter - ok
17:19:41.0060 4636 [ 3E73DCEBB518CE7A70632A884A60B1FC ] pssnap C:\Windows\system32\DRIVERS\pssnap.sys
17:19:41.0107 4636 pssnap - ok
17:19:41.0200 4636 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:19:41.0263 4636 ql2300 - ok
17:19:41.0356 4636 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:19:41.0403 4636 ql40xx - ok
17:19:41.0481 4636 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
17:19:41.0528 4636 QWAVE - ok
17:19:41.0575 4636 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:19:41.0606 4636 QWAVEdrv - ok
17:19:41.0653 4636 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:19:41.0700 4636 RasAcd - ok
17:19:41.0762 4636 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
17:19:41.0856 4636 RasAuto - ok
17:19:41.0887 4636 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:19:41.0949 4636 Rasl2tp - ok
17:19:42.0027 4636 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
17:19:42.0121 4636 RasMan - ok
17:19:42.0183 4636 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:19:42.0230 4636 RasPppoe - ok
17:19:42.0292 4636 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:19:42.0324 4636 RasSstp - ok
17:19:42.0433 4636 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:19:42.0480 4636 rdbss - ok
17:19:42.0542 4636 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:19:42.0589 4636 RDPCDD - ok
17:19:42.0698 4636 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:19:42.0776 4636 rdpdr - ok
17:19:42.0838 4636 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:19:42.0901 4636 RDPENCDD - ok
17:19:42.0948 4636 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:19:43.0041 4636 RDPWD - ok
17:19:43.0119 4636 [ C310203D2ED0CFD0AD68DB638C8DBB25 ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
17:19:43.0182 4636 ReflectService.exe - ok
17:19:43.0260 4636 [ 3FF45B7F17D5837216ABAE652CC61540 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:19:43.0275 4636 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
17:19:43.0275 4636 RegSrvc - detected UnsignedFile.Multi.Generic (1)
17:19:43.0478 4636 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:19:43.0540 4636 RemoteAccess - ok
17:19:43.0603 4636 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:19:43.0650 4636 RemoteRegistry - ok
17:19:43.0759 4636 [ C1C132455200AD4704142442C89D0FA4 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
17:19:43.0759 4636 RichVideo ( UnsignedFile.Multi.Generic ) - warning
17:19:43.0759 4636 RichVideo - detected UnsignedFile.Multi.Generic (1)
17:19:43.0821 4636 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
17:19:43.0852 4636 RpcLocator - ok
17:19:43.0899 4636 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
17:19:43.0977 4636 RpcSs - ok
17:19:44.0024 4636 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:19:44.0071 4636 rspndr - ok
17:19:44.0164 4636 [ 7436BFD3A542CF6FF55097200031B293 ] RT73 C:\Windows\system32\DRIVERS\rt73.sys
17:19:44.0274 4636 RT73 - ok
17:19:44.0336 4636 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
17:19:44.0367 4636 SamSs - ok
17:19:44.0601 4636 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:19:44.0648 4636 SASDIFSV - ok
17:19:44.0866 4636 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:19:44.0929 4636 SASKUTIL - ok
17:19:44.0991 4636 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:19:45.0100 4636 sbp2port - ok
17:19:45.0163 4636 [ 0505DA5D357F18A5D42FC5DEDE6BC9A0 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
17:19:45.0210 4636 SBRE - ok
17:19:45.0288 4636 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:19:45.0397 4636 SCardSvr - ok
17:19:46.0114 4636 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
17:19:47.0066 4636 Schedule - ok
17:19:47.0222 4636 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:19:47.0409 4636 SCPolicySvc - ok
17:19:47.0534 4636 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:19:47.0581 4636 sdbus - ok
17:19:47.0706 4636 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:19:47.0799 4636 SDRSVC - ok
17:19:47.0830 4636 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:19:47.0893 4636 secdrv - ok
17:19:47.0971 4636 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
17:19:48.0033 4636 seclogon - ok
17:19:48.0470 4636 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
17:19:48.0735 4636 Secunia PSI Agent - ok
17:19:49.0032 4636 [ 0E88FDF474F2CDD370A4A6CE77D018F0 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
17:19:49.0141 4636 Secunia Update Agent - ok
17:19:49.0234 4636 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
17:19:49.0359 4636 SENS - ok
17:19:49.0406 4636 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:19:49.0515 4636 Serenum - ok
17:19:49.0546 4636 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
17:19:49.0687 4636 Serial - ok
17:19:49.0734 4636 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:19:49.0780 4636 sermouse - ok
17:19:49.0968 4636 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
17:19:50.0092 4636 SessionEnv - ok
17:19:50.0170 4636 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:19:50.0248 4636 sffdisk - ok
17:19:50.0326 4636 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:19:50.0451 4636 sffp_mmc - ok
17:19:50.0514 4636 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:19:50.0592 4636 sffp_sd - ok
17:19:50.0638 4636 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:19:50.0732 4636 sfloppy - ok
17:19:50.0904 4636 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:19:50.0997 4636 SharedAccess - ok
17:19:51.0060 4636 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:19:51.0106 4636 ShellHWDetection - ok
17:19:51.0138 4636 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:19:51.0169 4636 sisagp - ok
17:19:51.0231 4636 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:19:51.0262 4636 SiSRaid2 - ok
17:19:51.0294 4636 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:19:51.0325 4636 SiSRaid4 - ok
17:19:51.0559 4636 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:19:51.0840 4636 Skype C2C Service - ok
17:19:52.0058 4636 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:19:52.0089 4636 SkypeUpdate - ok
17:19:52.0152 4636 [ 4723512C035A3A880DB4657705466240 ] SLEE_16_DRIVER C:\Windows\system32\drivers\Sleen16.sys
17:19:52.0214 4636 SLEE_16_DRIVER - ok
17:19:52.0635 4636 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
17:19:52.0760 4636 slsvc - ok
17:19:52.0791 4636 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:19:52.0838 4636 SLUINotify - ok
17:20:14.0241 4996 Detected object count: 16
17:20:14.0241 4996 Actual detected object count: 16
17:20:25.0863 4996 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0863 4996 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0863 4996 eNet Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0863 4996 eNet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0863 4996 eRecoveryService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0863 4996 eRecoveryService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0863 4996 eSettingsService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0863 4996 eSettingsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 HSXHWAZL ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 HSXHWAZL ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 mdmxsdk ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 mdmxsdk ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0879 4996 VmbService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0879 4996 VmbService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0894 4996 WMIService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0894 4996 WMIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0894 4996 XAudio ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0894 4996 XAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:20:25.0894 4996 XAudioService ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:25.0894 4996 XAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip