Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Win32:Alureon-AXW trojan and Win32:Malware-gen

Started by beejee , Jan 17 2013 06:04 PM

Page 4 of 6
2
3
4
5
6

Please log in to reply

#46
beejee

Posted 20 January 2013 - 02:09 PM

Member

Topic Starter
Member
48 posts

Sorry. I downloaded the first one.

#47
RKinner

Posted 20 January 2013 - 02:12 PM

Malware Expert

Expert
24,622 posts

OK. If you get another blue screen then try the second one.

#48
beejee

Posted 20 January 2013 - 02:22 PM

Member

Topic Starter
Member
48 posts

Will do. So a bad audio driver can cause a blue screen?

#49
RKinner

Posted 20 January 2013 - 03:39 PM

Malware Expert

Expert
24,622 posts

Any driver can cause a blue screen if it is poorly written or corrupted so that it tries to write to a forbidden area of memory. Your last BSOD was caused by a bad audio driver. Since the HP one was the original, unless it was corrupted you will probably see the BSOD again. If that happens then try to update to the second one since it is much newer.

#50
beejee

Posted 21 January 2013 - 04:31 PM

Member

Topic Starter
Member
48 posts

Was listening to a YouTube video, then another blue screen. Downloaded the other audio driver but the Install Wizard was unable to install it saying, "_ExitError: Error=Error in installation, unknown error."

#51
RKinner

Posted 21 January 2013 - 05:52 PM

Malware Expert

Expert
24,622 posts

Run BlueScreenView.exe again as before and let's see if it is the same error.

#52
beejee

Posted 21 January 2013 - 06:04 PM

Member

Topic Starter
Member
48 posts

==================================================
Dump File : Mini012113-01.dmp
Crash Time : 1/21/2013 3:58:31 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 00000000`00000028
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffffa60`0187f65f
Caused By Driver :
Caused By Address :
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address :
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini012113-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 274,576
==================================================

==================================================
Dump File : Mini012013-01.dmp
Crash Time : 1/20/2013 8:18:28 AM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 00000000`00000028
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffffa60`0187965f
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+7965f
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+57ad0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini012013-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 274,576
==================================================

==================================================
Dump File : Mini011913-01.dmp
Crash Time : 1/19/2013 10:11:24 AM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 00000000`00000028
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffffa60`0188565f
Caused By Driver : mraid35x.sys
Caused By Address : mraid35x.sys+89865f
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+57ad0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini011913-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 274,576
==================================================

==================================================
Dump File : Mini011813-02.dmp
Crash Time : 1/18/2013 9:06:01 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 00000000`00000028
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffffa60`0187b65f
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+7965f
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+57ad0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini011813-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 274,576
==================================================

==================================================
Dump File : Mini011813-01.dmp
Crash Time : 1/18/2013 4:06:54 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : ffffffff`c0000005
Parameter 2 : fffff800`023913a0
Parameter 3 : fffffa60`021e0908
Parameter 4 : fffffa60`021e02e0
Caused By Driver : CLFS.SYS
Caused By Address : CLFS.SYS+1b85b40
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+1353a0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini011813-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 274,576
==================================================

#53
RKinner

Posted 21 January 2013 - 06:38 PM

Malware Expert

Expert
24,622 posts

It's not the sound this time.

Something odd in your BlueScreenView logs. One time mraid35x.sys is supposed to be the culprit but I have no idea why it would be running. Speccy says you are not using RAID which is what it is supposed to do.

Can you attach the files

C:\Windows\Minidump\Mini012113-01.dmp

and

C:\Windows\Minidump\Mini012013-01.dmp

Copy the text in the code box:

/md5start
mraid35x.sys
tcpip.sys
/md5stop

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Services and Drivers groups then Run Scan.

You should get two logs. Please copy and paste both of them.

Let's try the BIOS. I think this is the latest BIOS:

http://h10025.www1.h...979324&sw_lang=

(Do not turn off the PC until this is finished)

Then let's make sure we have the latest chipset utility:

http://www.intel.com.../support/detect

#54
beejee

Posted 21 January 2013 - 07:29 PM

Member

Topic Starter
Member
48 posts

Control panel says audio is working, but now the sound symbol on the keyboard is red and I cannot get it to turn on.

I tried to attch .dmp files but it says I'm not allowed to open the files.

#55
beejee

Posted 21 January 2013 - 07:33 PM

Member

Topic Starter
Member
48 posts

OTL logfile created on: 1/21/2013 7:19:40 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jeannene\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.90 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 60.16% Memory free
8.03 Gb Paging File | 6.22 Gb Available in Paging File | 77.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.41 Gb Total Space | 152.55 Gb Free Space | 53.26% Space Free | Partition Type: NTFS
Drive D: | 11.68 Gb Total Space | 1.90 Gb Free Space | 16.25% Space Free | Partition Type: NTFS

Computer Name: LAPTOP2 | User Name: Jeannene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/16 14:10:49 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/01/13 08:42:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jeannene\Desktop\OTL.exe
PRC - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/30 17:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/26 07:37:44 | 000,060,512 | ---- | M] (NirSoft) -- C:\Program Files (x86)\NirSoft\BlueScreenView\BlueScreenView.exe
PRC - [2011/07/28 17:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2009/03/09 18:54:12 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2009/01/29 16:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/16 14:10:52 | 003,022,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/07/28 17:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 17:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

========== Services (All) ==========

SRV:64bit: - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/07/11 12:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2012/06/02 16:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2012/06/01 18:20:42 | 000,174,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2011/11/16 10:43:13 | 000,442,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:64bit: - [2011/11/16 08:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2011/11/16 08:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2011/11/16 08:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:64bit: - [2011/11/16 08:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2011/09/14 14:01:18 | 001,147,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2011/03/02 10:12:21 | 000,117,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2010/11/06 05:18:13 | 000,855,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/09/06 12:28:38 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/08/17 08:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2010/07/21 14:53:06 | 000,654,112 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV:64bit: - [2010/02/18 07:49:59 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2009/07/11 13:11:20 | 000,615,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009/07/10 05:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (Themes)
SRV:64bit: - [2009/07/10 05:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2009/06/10 05:53:17 | 000,203,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2009/04/11 01:11:31 | 001,092,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2009/04/11 01:11:31 | 000,074,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2009/04/11 01:11:29 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2009/04/11 01:11:28 | 001,491,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (Eventlog)
SRV:64bit: - [2009/04/11 01:11:28 | 000,581,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2009/04/11 01:11:28 | 000,572,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2009/04/11 01:11:28 | 000,218,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\webclnt.dll -- (WebClient)
SRV:64bit: - [2009/04/11 01:11:27 | 000,372,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2009/04/11 01:11:27 | 000,313,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2009/04/11 01:11:27 | 000,032,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:64bit: - [2009/04/11 01:11:26 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2009/04/11 01:11:26 | 000,547,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2009/04/11 01:11:26 | 000,480,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/04/11 01:11:26 | 000,318,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/04/11 01:11:24 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SLUINotify.dll -- (SLUINotify)
SRV:64bit: - [2009/04/11 01:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2009/04/11 01:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2009/04/11 01:11:23 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009/04/11 01:11:23 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2009/04/11 01:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2009/04/11 01:11:22 | 000,409,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qagentRT.dll -- (napagent)
SRV:64bit: - [2009/04/11 01:11:22 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2009/04/11 01:11:22 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2009/04/11 01:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/04/11 01:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/04/11 01:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2009/04/11 01:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/04/11 01:11:15 | 000,719,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2009/04/11 01:11:15 | 000,603,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mpssvc.dll -- (MpsSvc)
SRV:64bit: - [2009/04/11 01:11:15 | 000,533,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipsecsvc.dll -- (PolicyAgent)
SRV:64bit: - [2009/04/11 01:11:15 | 000,454,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ikeext.dll -- (IKEEXT)
SRV:64bit: - [2009/04/11 01:11:15 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/04/11 01:11:14 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\emdmgmt.dll -- (EMDMgmt)
SRV:64bit: - [2009/04/11 01:11:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2009/04/11 01:11:14 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcsvc.dll -- (Dhcp)
SRV:64bit: - [2009/04/11 01:11:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/04/11 01:11:13 | 000,458,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bfe.dll -- (BFE)
SRV:64bit: - [2009/04/11 01:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2009/04/11 01:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2009/04/11 01:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV:64bit: - [2009/04/11 01:11:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2009/04/11 01:11:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2009/04/11 01:11:10 | 000,209,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2009/04/11 01:11:03 | 001,433,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vssvc.exe -- (VSS)
SRV:64bit: - [2009/04/11 01:11:00 | 000,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2009/04/11 01:10:50 | 000,597,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2009/04/11 01:10:35 | 002,582,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SLsvc.exe -- (slsvc)
SRV:64bit: - [2009/04/11 01:10:29 | 000,125,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/04/11 01:10:08 | 003,433,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DFSR.exe -- (DFSR)
SRV:64bit: - [2008/08/26 08:02:20 | 000,016,896 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2008/03/18 17:25:40 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2008/01/20 20:52:15 | 001,216,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2008/01/20 20:52:00 | 000,173,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:64bit: - [2008/01/20 20:51:38 | 000,092,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2008/01/20 20:51:33 | 000,067,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2008/01/20 20:51:19 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2008/01/20 20:51:16 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2008/01/20 20:51:03 | 000,117,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2008/01/20 20:51:01 | 000,344,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2008/01/20 20:50:59 | 001,373,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2008/01/20 20:50:34 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2008/01/20 20:50:27 | 000,206,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2008/01/20 20:50:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2008/01/20 20:50:14 | 000,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2008/01/20 20:50:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2008/01/20 20:50:06 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2008/01/20 20:49:59 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sessenv.dll -- (SessionEnv)
SRV:64bit: - [2008/01/20 20:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:64bit: - [2008/01/20 20:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2008/01/20 20:49:46 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2008/01/20 20:49:42 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2008/01/20 20:49:33 | 000,061,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sens.dll -- (SENS)
SRV:64bit: - [2008/01/20 20:49:15 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2008/01/20 20:49:15 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2008/01/20 20:49:11 | 000,103,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2008/01/20 20:49:09 | 000,139,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2008/01/20 20:49:09 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2008/01/20 20:49:04 | 000,086,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\kmsvc.dll -- (hkmsvc)
SRV:64bit: - [2008/01/20 20:49:02 | 000,120,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WerSvc.dll -- (WerSvc)
SRV:64bit: - [2008/01/20 20:49:02 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:64bit: - [2008/01/20 20:48:40 | 000,304,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:64bit: - [2008/01/20 20:48:39 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2008/01/20 20:48:29 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2008/01/20 20:48:26 | 000,088,064 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2008/01/20 20:48:24 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2008/01/20 20:48:21 | 000,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipbusenum.dll -- (IPBusEnum)
SRV:64bit: - [2008/01/20 20:48:19 | 000,395,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2008/01/20 20:48:19 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2008/01/20 20:48:17 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2008/01/20 20:48:16 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2008/01/20 20:48:10 | 000,348,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2008/01/20 20:48:03 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2008/01/20 20:47:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/01/20 20:47:30 | 000,284,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2008/01/20 20:47:28 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SDRSVC.dll -- (SDRSVC)
SRV:64bit: - [2006/11/02 09:03:19 | 000,084,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2006/11/02 05:19:10 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2006/11/02 05:19:10 | 000,039,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2006/11/02 05:17:22 | 000,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\fdrespub.dll -- (FDResPub)
SRV:64bit: - [2006/11/02 05:16:28 | 000,026,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2006/11/02 05:16:12 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2006/11/02 05:15:56 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\locator.exe -- (RpcLocator)
SRV:64bit: - [2006/11/02 05:15:49 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV - [2013/01/18 22:15:58 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/16 14:10:51 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/01 18:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2011/11/16 10:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/10 05:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (Themes)
SRV - [2009/07/10 05:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/17 17:44:24 | 000,112,128 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe -- (HP Health Check Service)
SRV - [2009/04/11 01:10:58 | 000,042,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009/04/11 00:28:26 | 000,747,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2009/04/11 00:28:25 | 000,413,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2009/04/11 00:28:25 | 000,199,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2009/04/11 00:28:25 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009/04/11 00:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2009/04/11 00:28:24 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SCardSvr.dll -- (SCardSvr)
SRV - [2009/04/11 00:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPsvc)
SRV - [2009/04/11 00:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPAutoReg)
SRV - [2009/04/11 00:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2psvc)
SRV - [2009/04/11 00:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2pimsvc)
SRV - [2009/04/11 00:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009/04/11 00:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009/04/11 00:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/11 00:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2009/04/11 00:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/29 22:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/03/09 18:54:12 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2009/02/24 16:04:52 | 000,116,104 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched)
SRV - [2009/02/18 12:40:04 | 000,042,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 12:39:11 | 000,857,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/02/12 11:32:42 | 000,228,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe -- (hpqwmiex)
SRV - [2009/02/04 16:57:06 | 000,296,320 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc)
SRV - [2009/01/21 04:47:38 | 000,247,152 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -- (RichVideo)
SRV - [2008/12/04 18:05:16 | 000,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx)
SRV - [2008/01/20 20:51:36 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008/01/20 20:51:36 | 000,153,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2008/01/20 20:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2008/01/20 20:50:38 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2008/01/20 20:50:07 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2008/01/20 20:50:01 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2008/01/20 20:50:01 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2008/01/20 20:49:21 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2008/01/20 20:49:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/20 20:48:26 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2008/01/20 20:48:23 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2008/01/20 20:47:35 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2006/11/02 09:03:48 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 03:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006/11/02 03:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (All) ==========

DRV:64bit: - [2012/10/30 17:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/10/30 17:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/10/30 17:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/10/30 17:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/10/30 17:51:55 | 000,044,272 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr)
DRV:64bit: - [2012/10/30 17:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/08/27 15:05:45 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/21 05:50:57 | 000,267,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2012/06/04 09:29:59 | 000,516,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2012/05/01 08:29:44 | 000,209,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2012/03/30 06:45:03 | 001,422,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tcpip.sys -- (Tcpip6)
DRV:64bit: - [2012/03/30 06:45:03 | 001,422,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2012/03/29 08:22:51 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2012/03/20 17:34:30 | 000,072,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2012/02/29 07:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/03 08:25:21 | 000,404,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2011/09/14 14:01:11 | 000,900,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2011/07/22 10:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 15:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/06 09:49:23 | 000,275,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2011/04/29 07:41:02 | 000,176,128 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv2.sys -- (srv2)
DRV:64bit: - [2011/04/29 07:40:56 | 000,145,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srvnet.sys -- (srvnet)
DRV:64bit: - [2011/04/29 07:39:34 | 000,135,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2011/04/29 07:39:31 | 000,107,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2011/04/14 09:14:19 | 000,097,792 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2011/02/18 08:18:15 | 000,450,560 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv.sys -- (srv)
DRV:64bit: - [2011/02/18 08:16:16 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bowser.sys -- (bowser)
DRV:64bit: - [2010/06/30 02:27:08 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/02/20 15:30:08 | 000,620,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HTTP.sys -- (HTTP)
DRV:64bit: - [2010/02/18 05:59:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunnel.sys -- (tunnel)
DRV:64bit: - [2009/09/08 02:40:28 | 000,152,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssecmdm.sys -- (ssecmdm)
DRV:64bit: - [2009/09/08 02:40:28 | 000,113,664 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssecbus.sys -- (ssecbus)
DRV:64bit: - [2009/09/08 02:40:28 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssecmdfl.sys -- (ssecmdfl)
DRV:64bit: - [2009/07/14 12:18:49 | 000,654,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2009/06/27 14:42:27 | 002,041,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2009/05/31 23:09:54 | 000,020,536 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009/05/31 23:09:54 | 000,020,536 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009/05/31 23:09:54 | 000,019,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2009/05/31 23:09:54 | 000,018,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2009/05/31 23:09:54 | 000,018,488 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009/05/31 23:09:54 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009/05/31 23:01:32 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:64bit: - [2009/05/31 23:01:32 | 000,178,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM)
DRV:64bit: - [2009/05/31 23:01:32 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2009/05/31 23:01:32 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys -- (NuidFltr)
DRV:64bit: - [2009/04/11 01:15:53 | 000,067,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2009/04/11 01:15:53 | 000,062,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\termdd.sys -- (TermDD)
DRV:64bit: - [2009/04/11 01:15:52 | 000,408,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2009/04/11 01:15:36 | 000,019,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009/04/11 01:15:34 | 001,515,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2009/04/11 01:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2009/04/11 01:15:33 | 000,361,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\CLFS.sys -- (CLFS)
DRV:64bit: - [2009/04/11 01:15:32 | 000,325,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2009/04/11 01:15:32 | 000,310,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2009/04/11 01:15:32 | 000,275,432 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltmgr.sys -- (FltMgr)
DRV:64bit: - [2009/04/11 01:15:31 | 000,215,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2009/04/11 01:15:31 | 000,178,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2009/04/11 01:15:30 | 000,155,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ecache.sys -- (Ecache)
DRV:64bit: - [2009/04/11 01:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (disk)
DRV:64bit: - [2009/04/11 01:15:24 | 000,059,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/04/11 01:15:21 | 000,029,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2009/04/11 01:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009/04/10 23:43:46 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rassstp.sys -- (RasSstp)
DRV:64bit: - [2009/04/10 23:43:40 | 000,169,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2009/04/10 23:43:39 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspptp.sys -- (PptpMiniport)
DRV:64bit: - [2009/04/10 23:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2009/04/10 23:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarp)
DRV:64bit: - [2009/04/10 23:43:38 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rasl2tp.sys -- (Rasl2tp)
DRV:64bit: - [2009/04/10 23:43:33 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/04/10 23:43:27 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2009/04/10 23:43:00 | 000,094,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tdx.sys -- (tdx)
DRV:64bit: - [2009/04/10 23:42:56 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\pacer.sys -- (PSched)
DRV:64bit: - [2009/04/10 23:42:33 | 000,248,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\netbt.sys -- (netbt)
DRV:64bit: - [2009/04/10 23:42:19 | 000,088,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\smb.sys -- (Smb)
DRV:64bit: - [2009/04/10 23:40:20 | 000,187,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/04/10 23:39:52 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbhub.sys -- (usbhub)
DRV:64bit: - [2009/04/10 23:39:41 | 000,948,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HDAudBus.sys -- (HDAudBus)
DRV:64bit: - [2009/04/10 23:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2009/04/10 23:39:36 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbehci.sys -- (usbehci)
DRV:64bit: - [2009/04/10 23:39:34 | 000,098,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio)
DRV:64bit: - [2009/04/10 23:39:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hidusb.sys -- (HidUsb)
DRV:64bit: - [2009/04/10 23:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\cdrom.sys -- (cdrom)
DRV:64bit: - [2009/04/10 23:33:40 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2009/04/10 22:55:42 | 000,139,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2009/04/10 22:55:24 | 000,287,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\rdbss.sys -- (rdbss)
DRV:64bit: - [2009/04/10 22:54:22 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009/04/10 22:54:21 | 000,299,008 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\udfs.sys -- (udfs)
DRV:64bit: - [2009/04/10 22:54:11 | 000,187,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009/04/10 22:54:10 | 000,198,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2009/02/25 07:53:26 | 000,137,056 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/02/17 11:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/01/20 08:39:20 | 000,473,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/12/30 06:18:40 | 000,068,608 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/12/03 07:21:52 | 000,184,832 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/11/21 11:05:22 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/10/28 03:33:30 | 008,039,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/06/04 11:55:16 | 000,129,536 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2008/03/27 13:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 13:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/01/31 17:23:14 | 000,195,120 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/01/20 20:51:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2008/01/20 20:51:14 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2008/01/20 20:51:07 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2008/01/20 20:51:01 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2008/01/20 20:50:59 | 000,070,200 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2008/01/20 20:50:45 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2008/01/20 20:50:39 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\DRIVERS\cdfs.sys -- (cdfs)
DRV:64bit: - [2008/01/20 20:50:39 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2008/01/20 20:50:25 | 000,070,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (MountMgr)
DRV:64bit: - [2008/01/20 20:50:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2008/01/20 20:50:09 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2008/01/20 20:50:04 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2008/01/20 20:49:58 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2008/01/20 20:49:52 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV:64bit: - [2008/01/20 20:49:52 | 000,007,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSTEE.sys -- (MSTEE)
DRV:64bit: - [2008/01/20 20:49:51 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2008/01/20 20:49:48 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rdpencdd.sys -- (RDPENCDD)
DRV:64bit: - [2008/01/20 20:49:42 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2008/01/20 20:49:42 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2008/01/20 20:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2008/01/20 20:49:16 | 000,109,568 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2008/01/20 20:49:15 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rspndr.sys -- (rspndr)
DRV:64bit: - [2008/01/20 20:49:15 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lltdio.sys -- (lltdio)
DRV:64bit: - [2008/01/20 20:49:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2008/01/20 20:48:45 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipnat.sys -- (IPNAT)
DRV:64bit: - [2008/01/20 20:48:45 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2008/01/20 20:48:45 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2008/01/20 20:48:45 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunmp.sys -- (tunmp)
DRV:64bit: - [2008/01/20 20:48:28 | 000,033,280 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2008/01/20 20:48:27 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\netbios.sys -- (NetBIOS)
DRV:64bit: - [2008/01/20 20:48:24 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rasacd.sys -- (RasAcd)
DRV:64bit: - [2008/01/20 20:47:30 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2008/01/20 20:47:28 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipmidrv.sys -- (IPMIDRV)
DRV:64bit: - [2008/01/20 20:47:28 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 20:47:28 | 000,035,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\i2omp.sys -- (i2omp)
DRV:64bit: - [2008/01/20 20:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2008/01/20 20:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2008/01/20 20:47:27 | 000,042,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2008/01/20 20:47:27 | 000,024,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2008/01/20 20:47:26 | 000,128,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2008/01/20 20:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2008/01/20 20:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2008/01/20 20:47:25 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbscan.sys -- (usbscan)
DRV:64bit: - [2008/01/20 20:47:25 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fdc.sys -- (fdc)
DRV:64bit: - [2008/01/20 20:47:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2008/01/20 20:47:04 | 000,113,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2008/01/20 20:47:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2008/01/20 20:47:03 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\circlass.sys -- (circlass)
DRV:64bit: - [2008/01/20 20:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan)
DRV:64bit: - [2008/01/20 20:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2008/01/20 20:47:01 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2008/01/20 20:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2008/01/20 20:47:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\monitor.sys -- (monitor)
DRV:64bit: - [2008/01/20 20:47:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vgapnp.sys -- (vga)
DRV:64bit: - [2008/01/20 20:47:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2008/01/20 20:47:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2008/01/20 20:47:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2008/01/20 20:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2008/01/20 20:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastorv.sys -- (iaStorV)
DRV:64bit: - [2008/01/20 20:46:59 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gagp30kx.sys -- (gagp30kx)
DRV:64bit: - [2008/01/20 20:46:59 | 000,067,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uagp35.sys -- (uagp35)
DRV:64bit: - [2008/01/20 20:46:59 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2008/01/20 20:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpcisss.sys -- (HpCISSs)
DRV:64bit: - [2008/01/20 20:46:59 | 000,039,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mouclass.sys -- (mouclass)
DRV:64bit: - [2008/01/20 20:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2008/01/20 20:46:59 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2008/01/20 20:46:59 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbprint.sys -- (usbprint)
DRV:64bit: - [2008/01/20 20:46:59 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mouhid.sys -- (mouhid)
DRV:64bit: - [2008/01/20 20:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64)
DRV:64bit: - [2008/01/20 20:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\megasr.sys -- (MegaSR)
DRV:64bit: - [2008/01/20 20:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\uliahci.sys -- (uliahci)
DRV:64bit: - [2008/01/20 20:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\E1G6032E.sys -- (E1G60)
DRV:64bit: - [2008/01/20 20:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2008/01/20 20:46:56 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2008/01/20 20:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 20:46:55 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hidir.sys -- (HidIr)
DRV:64bit: - [2008/01/20 20:46:55 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2008/01/20 20:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2008/01/20 20:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2008/01/20 20:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adpu160m.sys -- (adpu160m)
DRV:64bit: - [2008/01/20 20:46:54 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ohci1394.sys -- (ohci1394)
DRV:64bit: - [2008/01/20 20:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2008/01/20 20:46:54 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\umbus.sys -- (umbus)
DRV:64bit: - [2008/01/20 20:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2008/01/20 20:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2008/01/20 20:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ulsata2.sys -- (ulsata2)
DRV:64bit: - [2008/01/20 20:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2008/01/20 20:46:52 | 000,027,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2008/01/20 20:46:51 | 000,314,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (rdpdr)
DRV:64bit: - [2008/01/20 20:46:51 | 000,126,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nv_agp.sys -- (nv_agp)
DRV:64bit: - [2008/01/20 20:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2008/01/20 20:46:51 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uliagpkx.sys -- (uliagpkx)
DRV:64bit: - [2008/01/20 20:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agp440.sys -- (agp440)
DRV:64bit: - [2008/01/20 20:46:51 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2008/01/20 20:46:51 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\intelppm.sys -- (intelppm)
DRV:64bit: - [2008/01/20 20:46:51 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2008/01/20 20:46:51 | 000,034,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2008/01/20 20:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2008/01/20 20:46:51 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2008/01/20 20:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2008/01/20 20:46:51 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2008/01/20 20:46:50 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\compbatt.sys -- (Compbatt)
DRV:64bit: - [2008/01/20 20:46:50 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2008/01/20 20:46:50 | 000,013,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\swenum.sys -- (swenum)
DRV:64bit: - [2008/01/20 20:46:50 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2007/06/18 17:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2007/02/15 18:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006/11/02 06:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2006/11/02 06:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\symc8xx.sys -- (Symc8xx)
DRV:64bit: - [2006/11/02 06:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sym_u3.sys -- (Sym_u3)
DRV:64bit: - [2006/11/02 06:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2006/11/02 06:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sym_hi.sys -- (Sym_hi)
DRV:64bit: - [2006/11/02 06:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mraid35x.sys -- (Mraid35x)
DRV:64bit: - [2006/11/02 06:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iteraid.sys -- (iteraid)
DRV:64bit: - [2006/11/02 06:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iteatapi.sys -- (iteatapi)
DRV:64bit: - [2006/11/02 05:51:30 | 000,203,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2006/11/02 05:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ulsata.sys -- (UlSata)
DRV:64bit: - [2006/11/02 05:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2006/11/02 05:50:06 | 000,090,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2006/11/02 05:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\djsvs.sys -- (aic78xx)
DRV:64bit: - [2006/11/02 03:44:02 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2006/11/02 03:44:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2006/11/02 03:43:46 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:64bit: - [2006/11/02 03:43:40 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2006/11/02 03:40:24 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2006/11/02 03:38:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2006/11/02 03:38:02 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2006/11/02 03:37:58 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2006/11/02 03:37:57 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2006/11/02 03:37:30 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV:64bit: - [2006/11/02 03:37:30 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPQM.sys -- (MSPQM)
DRV:64bit: - [2006/11/02 03:37:16 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2006/11/02 02:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brserid.sys -- (Brserid)
DRV:64bit: - [2006/11/01 23:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/10/23 20:08:37 | 000,712,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\peauth.sys -- (PEAUTH)
DRV:64bit: - [2006/10/03 19:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/09/29 17:51:44 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2006/09/19 05:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brusbser.sys -- (BrUsbSer)
DRV:64bit: - [2006/09/18 15:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brserwdm.sys -- (BrSerWdm)
DRV:64bit: - [2006/09/18 15:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV:64bit: - [2006/09/18 15:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltlo.sys -- (BrFiltLo)
DRV:64bit: - [2006/09/18 15:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2007/02/15 18:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2003/09/15 10:57:35 | 000,009,728 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDIO.sys -- (ElbyCDIO)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{66D6D3B3-3F04-4A04-B274-6301C0874A87}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{66D6D3B3-3F04-4A04-B274-6301C0874A87}: "URL" = http://search.live.c...ms}&FORM=HPNTDF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startpage.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {018FD540-75AB-4000-A206-65664BBD9E54}
IE - HKCU\..\SearchScopes\{018FD540-75AB-4000-A206-65664BBD9E54}: "URL" = http://search.avg.co...e}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{3730E888-30A1-43FA-A6D2-509427C0CB46}: "URL" = http://www.amazon.co...y={searchTerms}
IE - HKCU\..\SearchScopes\{66D6D3B3-3F04-4A04-B274-6301C0874A87}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jeannene\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jeannene\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/06/01 00:24:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/18 19:10:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/01/13 12:06:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/20 16:27:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/19 08:28:31 | 000,000,000 | ---D | M]

[2013/01/20 16:27:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeannene\AppData\Roaming\Mozilla\Extensions
[2013/01/20 16:27:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/16 14:11:06 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/16 14:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/16 14:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jeannene\AppData\Local\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jeannene\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jeannene\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jeannene\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: avast! WebRep = C:\Users\Jeannene\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Jeannene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2013/01/18 17:16:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: amazon.com ([payments] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36E75DF6-6745-4FA5-953C-181729413414}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B7054C4-04E4-4870-8ED3-5CC837DC262C}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Jeannene\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jeannene\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/21 16:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2013/01/20 16:27:10 | 000,000,000 | ---D | C] -- C:\Users\Jeannene\AppData\Roaming\Mozilla
[2013/01/20 16:27:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/01/20 13:41:23 | 000,473,088 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2013/01/20 13:41:22 | 000,532,480 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2013/01/20 13:41:22 | 000,430,592 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2013/01/19 19:24:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
[2013/01/19 19:24:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital Corporation
[2013/01/19 19:11:55 | 000,000,000 | ---D | C] -- C:\Users\Jeannene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013/01/19 19:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013/01/19 19:11:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2013/01/19 10:06:32 | 004,778,720 | ---- | C] (Piriform Ltd) -- C:\Users\Jeannene\Desktop\spsetup119.exe
[2013/01/19 09:54:58 | 002,712,200 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Jeannene\Desktop\procexp.exe
[2013/01/19 08:28:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/18 22:34:55 | 000,000,000 | ---D | C] -- C:\Users\Jeannene\AppData\Local\Macromedia
[2013/01/18 21:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[2013/01/18 21:30:17 | 000,000,000 | ---D | C] -- C:\backupres
[2013/01/18 18:33:00 | 000,350,915 | ---- | C] (Farbar) -- C:\Users\Jeannene\Desktop\FSS.exe
[2013/01/18 18:19:39 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/01/18 17:45:00 | 000,000,000 | ---D | C] -- C:\Users\Jeannene\AppData\Roaming\Malwarebytes
[2013/01/18 17:44:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/18 17:44:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/18 17:44:45 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/01/18 17:44:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/01/18 17:42:21 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jeannene\Desktop\mbam-setup-1.70.0.1100.exe
[2013/01/18 17:22:40 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jeannene\Desktop\tdsskiller.exe
[2013/01/18 17:19:30 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/01/18 17:04:26 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/01/18 17:04:26 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/01/18 17:04:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/01/18 16:57:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/18 16:57:06 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/01/18 16:55:12 | 005,023,971 | R--- | C] (Swearware) -- C:\Users\Jeannene\Desktop\ComboFix.exe
[2013/01/18 15:28:17 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/01/18 15:08:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/18 14:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/01/16 19:20:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EMET
[2013/01/13 16:33:52 | 000,000,000 | ---D | C] -- C:\Users\Jeannene\AppData\Roaming\SUPERAntiSpyware.com
[2013/01/13 16:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/01/13 16:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/01/13 12:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/01/13 12:06:40 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/01/13 12:06:40 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/01/13 12:06:38 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/01/13 12:06:38 | 000,044,272 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2013/01/13 12:06:37 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/01/13 12:06:36 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/01/13 12:06:36 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/01/13 12:06:16 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013/01/13 12:06:16 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/01/13 12:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/01/13 12:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/13 08:41:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jeannene\Desktop\OTL.exe
[2013/01/11 21:33:14 | 000,000,000 | ---D | C] -- C:\Users\Jeannene\AppData\Local\MFAData
[2013/01/11 21:33:14 | 000,000,000 | ---D | C] -- C:\Users\Jeannene\AppData\Local\Avg2013
[2012/12/27 06:21:12 | 000,697,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/27 06:21:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/12/25 20:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012/12/25 17:42:35 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2012/12/25 17:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/21 19:19:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3282985124-3251388849-2966862995-1000UA.job
[2013/01/21 19:15:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/21 18:33:12 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/21 18:33:12 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/21 17:57:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/21 16:40:21 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/21 16:40:21 | 000,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/21 16:40:21 | 000,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/21 16:33:05 | 4193,210,368 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/21 15:58:08 | 542,476,557 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/01/20 16:27:04 | 000,000,912 | ---- | M] () -- C:\Users\Jeannene\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/20 16:27:04 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/20 08:22:46 | 000,000,732 | ---- | M] () -- C:\Users\Jeannene\AppData\Local\d3d9caps64.dat
[2013/01/19 19:24:54 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
[2013/01/19 19:11:56 | 000,000,846 | ---- | M] () -- C:\Users\Jeannene\Desktop\SpeedFan.lnk
[2013/01/19 19:11:54 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2013/01/19 10:06:47 | 004,778,720 | ---- | M] (Piriform Ltd) -- C:\Users\Jeannene\Desktop\spsetup119.exe
[2013/01/19 09:55:11 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Jeannene\Desktop\procexp.exe
[2013/01/19 03:24:09 | 000,313,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/18 22:15:58 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/18 22:15:58 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/18 21:42:54 | 000,000,761 | ---- | M] () -- C:\Users\Jeannene\Desktop\BlueScreenView.lnk
[2013/01/18 20:52:20 | 000,574,677 | ---- | M] () -- C:\Users\Jeannene\Desktop\adwcleaner.exe
[2013/01/18 20:03:27 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/01/18 18:33:01 | 000,350,915 | ---- | M] (Farbar) -- C:\Users\Jeannene\Desktop\FSS.exe
[2013/01/18 18:24:01 | 000,061,440 | ---- | M] ( ) -- C:\Users\Jeannene\Desktop\VEW.exe
[2013/01/18 18:18:53 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJeannene.job
[2013/01/18 17:44:46 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/18 17:42:41 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jeannene\Desktop\mbam-setup-1.70.0.1100.exe
[2013/01/18 17:22:49 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jeannene\Desktop\tdsskiller.exe
[2013/01/18 17:16:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/01/18 16:55:22 | 005,023,971 | R--- | M] (Swearware) -- C:\Users\Jeannene\Desktop\ComboFix.exe
[2013/01/18 15:14:07 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/01/18 15:14:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/01/16 16:22:16 | 000,002,059 | ---- | M] () -- C:\Users\Jeannene\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/16 16:22:16 | 000,002,057 | ---- | M] () -- C:\Users\Jeannene\Desktop\Google Chrome.lnk
[2013/01/13 16:52:40 | 005,636,096 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2013/01/13 16:52:39 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2013/01/13 16:52:39 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2013/01/13 16:33:49 | 000,001,655 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/13 12:06:41 | 000,006,756 | ---- | M] () -- C:\Users\Jeannene\AppData\Local\d3d9caps.dat
[2013/01/13 08:42:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jeannene\Desktop\OTL.exe
[2013/01/09 14:04:59 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3282985124-3251388849-2966862995-1000Core.job
[2013/01/07 21:29:06 | 000,010,258 | ---- | M] () -- C:\Users\Jeannene\AppData\Roaming\wklnhst.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/21 16:33:05 | 4193,210,368 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/20 16:27:04 | 000,000,912 | ---- | C] () -- C:\Users\Jeannene\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/20 16:27:04 | 000,000,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/20 16:27:04 | 000,000,888 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/19 19:24:54 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
[2013/01/19 19:11:56 | 000,000,846 | ---- | C] () -- C:\Users\Jeannene\Desktop\SpeedFan.lnk
[2013/01/19 19:11:53 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2013/01/18 21:42:40 | 000,000,761 | ---- | C] () -- C:\Users\Jeannene\Desktop\BlueScreenView.lnk
[2013/01/18 20:52:18 | 000,574,677 | ---- | C] () -- C:\Users\Jeannene\Desktop\adwcleaner.exe
[2013/01/18 20:22:44 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/18 18:23:41 | 000,061,440 | ---- | C] ( ) -- C:\Users\Jeannene\Desktop\VEW.exe
[2013/01/18 17:44:46 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/18 17:04:26 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/01/18 17:04:26 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/01/18 17:04:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/01/18 17:04:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/01/18 17:04:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/01/18 16:06:08 | 542,476,557 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/01/13 16:51:24 | 005,636,096 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2013/01/13 16:51:24 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2013/01/13 16:51:24 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2013/01/13 16:33:49 | 000,001,655 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/13 12:06:41 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/01/13 12:06:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013/01/11 17:11:51 | 000,000,732 | ---- | C] () -- C:\Users\Jeannene\AppData\Local\d3d9caps64.dat
[2012/08/27 15:38:00 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/09/17 23:03:21 | 000,010,258 | ---- | C] () -- C:\Users\Jeannene\AppData\Roaming\wklnhst.dat
[2009/08/23 18:17:12 | 003,110,453 | ---- | C] () -- C:\Users\Jeannene\Burning CDGs From Any Drive.zip
[2009/08/17 23:22:08 | 000,006,756 | ---- | C] () -- C:\Users\Jeannene\AppData\Local\d3d9caps.dat
[2009/07/26 14:34:25 | 000,020,480 | ---- | C] () -- C:\Users\Jeannene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 09:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 11:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 11:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 01:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 20:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll

========== Custom Scans ==========

< MD5 for: MRAID35X.SYS >
[2006/11/02 06:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) MD5=3C200630A89EF2C0864D515B7A75802E -- C:\Windows\SysNative\drivers\Mraid35x.sys

< MD5 for: TCPIP.SYS >
[2010/06/16 11:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2010/04/06 02:35:06 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=150C1A66A7094F84560519261A309BC6 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_11681899353a0dd5\tcpip.sys
[2011/06/17 14:14:30 | 001,424,272 | ---- | M] (Microsoft Corporation) MD5=19A7321E3A5F1DDB215D2815DCC8F8E4 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_116decc535366aa6\tcpip.sys
[2011/09/20 15:06:18 | 001,426,304 | ---- | M] (Microsoft Corporation) MD5=2CC45D932BD193CD4117321D469AD6B2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_1121619c1be9f088\tcpip.sys
[2009/12/08 12:22:57 | 001,199,616 | ---- | M] (Microsoft Corporation) MD5=2F822AF5E70467F827F5B4010A7FD57F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[2010/02/18 09:01:57 | 001,420,688 | ---- | M] (Microsoft Corporation) MD5=30C4ABC8075DEA44D7E775D434AF1753 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[2009/08/14 08:44:27 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2010/02/18 06:25:21 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=396CF3FD8D2A4FDF55570C01894DB9DF -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[2009/08/14 12:05:16 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2010/02/18 09:04:06 | 001,414,032 | ---- | M] (Microsoft Corporation) MD5=4680D08A2E8A2509CD9B751D7AF59606 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[2012/03/30 06:45:03 | 001,423,744 | ---- | M] (Microsoft Corporation) MD5=46D448E9117464E4D3BBF36D7E3FA48E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_112731fc1be6530b\tcpip.sys
[2010/02/18 08:22:15 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=4AD4600DF1F09EE7462152C061B683C8 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[2011/06/17 14:14:30 | 001,427,344 | ---- | M] (Microsoft Corporation) MD5=4DAD14118FBCF7C609F2A4CE21FBCC5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_10d0aed01c273845\tcpip.sys
[2011/09/20 15:06:18 | 001,423,744 | ---- | M] (Microsoft Corporation) MD5=73BED5067ED53A9DF05FA8EAB42578D0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_11ab004d35078d79\tcpip.sys
[2009/08/14 10:42:31 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2008/01/20 20:51:16 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2010/02/18 06:27:40 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7B0B928E318CADC23C87226BE0A1097D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[2010/06/16 10:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2009/12/08 14:59:37 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=8C94F5E4F9DE14A495BAA86F643CF31D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_0ef8061a1ef61e99\tcpip.sys
[2009/05/31 23:08:26 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010/04/05 11:13:35 | 001,414,024 | ---- | M] (Microsoft Corporation) MD5=8E7CD6BA2F09B46CE72D308F166C0B12 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_0f8a7609380d6a12\tcpip.sys
[2010/06/16 11:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009/04/11 01:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009/08/14 10:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2012/03/30 06:45:03 | 001,422,720 | ---- | M] (Microsoft Corporation) MD5=AC8D5728E6AD6A7C4819D9A67008337A -- C:\Windows\erdnt\cache64\tcpip.sys
[2012/03/30 06:45:03 | 001,422,720 | ---- | M] (Microsoft Corporation) MD5=AC8D5728E6AD6A7C4819D9A67008337A -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/03/30 06:45:03 | 001,422,720 | ---- | M] (Microsoft Corporation) MD5=AC8D5728E6AD6A7C4819D9A67008337A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_119f31fd35108d3a\tcpip.sys
[2010/02/18 08:28:06 | 001,427,336 | ---- | M] (Microsoft Corporation) MD5=B4B7B375FDD672AF79B0CBE9B9A48B47 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2009/12/08 12:21:46 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=BB6FB43B431CCAD6FC367648C87205C0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[2009/12/08 15:13:33 | 001,411,656 | ---- | M] (Microsoft Corporation) MD5=D1A6D398865E0686533E13DD2558D64B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_0f81a4cb3813bb8a\tcpip.sys
[2010/06/16 17:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009/08/14 10:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009/08/15 16:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2009/12/08 14:22:19 | 001,425,480 | ---- | M] (Microsoft Corporation) MD5=E52F99B1160A1A1DE83223379D2C1828 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_10e247ce1c1aa392\tcpip.sys
[2009/12/08 14:04:59 | 001,423,944 | ---- | M] (Microsoft Corporation) MD5=EE84432AD7DCADE2931528C319C55097 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[2009/05/31 23:08:26 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:13D63198
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

#56
beejee

Posted 21 January 2013 - 07:53 PM

Member

Topic Starter
Member
48 posts

BIOS done

"Then let's make sure we have the latest chipset utility:

http://www.intel.com.../support/detect"

Mozilla Firefox*, Google Chrome*, and Safari*

Make sure you have the latest version of Java* installed.
Click Check your system for the latest updates to run the Intel® Driver Update Utility again.

Am I suppose to install Java?

#57
RKinner

Posted 22 January 2013 - 02:08 AM

Malware Expert

Expert
24,622 posts

Sounds like Intel uses Java to check your drivers so install the latest java from java.com. You can uninstall it later. Don't let them foist the ask or yahoo toolbars or McAfee Security scan on you.

You can zip up the .dmp file and then attach the zip file. If you need a program to do zip files then 7-zip is good. http://www.7zip.com/

#58
beejee

Posted 22 January 2013 - 04:16 PM

Member

Topic Starter
Member
48 posts

"Then let's make sure we have the latest chipset utility:

http://www.intel.com.../support/detect"

I tried to run this but it keeps saying the driver update utility failed to load. I downloaded java and tried again. I'm using Firefox.

"The Intel Driver Update Utility installation failed. Possible web brower compatibility, firewall, or installation issue detected. Seleck OK to troubleshoot issue."

To troubleshoot:
Mozilla Firefox*, Google Chrome*, and Apple Safari*
1. Make sure you have the latest version of Java* installed.
2. Click Check your system for the latest updates to run the Intel® Driver Update Utility again.

I did all this but I still get a dialogue box with the message above.

I don't seem to be able to figure out how to zip these files:
C:\Windows\Minidump\Mini012113-01.dmp

and

C:\Windows\Minidump\Mini012013-01.dmp

and attach for you. I thought I figured it out but it says "You aren't permitted to upload this kind of file"