do i have a virus?



#1
mariaj (Member, 84 posts)

Hello, I hope someone will be able to help me out here. My home PC has been shutting down on its own randomly for the last couple of weeks. I've done a system restore that took me back over three weeks ago and still the same is happening. I've run AVG, CCleaner, Ad-aware, AVG Anti-spyware and also SuperAntispyware but nothing is correcting the problem. Today it's shut down roughly about 8 times and it hasn't done it that many times in one day. I ran a CPU temperature check and that showed up OK. I have the OTL report if anyone who thinks they can help me needs me to post it. Here is my CPU, motherboard and graphics information just in case it helps. I don't know what other information I should be supplying, sorry. Many thanks

CPU
AMD Sempron 145
Cores 1
Threads 1
Name AMD Sempron 145
Code Name Sargas
Package Socket AM3 (938)
Technology 45nm
Specification AMD Sempron 145 Processor
Family F
Extended Family 10
Model 6
Extended Model 6
Stepping 3
Revision DA-C3
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, SSE4A, AMD 64
Virtualization Supported, Disabled
Hyperthreading Not supported
Fan Speed 1858 RPM
Bus Speed 200.9 MHz
Rated Bus Speed 1004.5 MHz
Stock Core Speed 2800 MHz
Stock Bus Speed 200 MHz
Average Temperature 45 °C
Caches
L1 Data Cache Size 64 KBytes
L1 Instructions Cache Size 64 KBytes
L2 Unified Cache Size 1024 KBytes
Core 0


Motherboard
Manufacturer ECS
Model MCP61M-M3 (CPU 1)
Version 7.0
Chipset Vendor NVIDIA
Chipset Model MCP61
Chipset Revision A3
Southbridge Vendor NVIDIA
Southbridge Model MCP61
Southbridge Revision A2
System Temperature 30 °C
BIOS
Brand American Megatrends Inc.
Version 080015
Date 11/03/2010
Voltage
+3.3V 3.424 V
CPU CORE 1.312 V
VIN2 3.008 V
VIN3 1.247 V
VSB3V 3.424 V
CMOS BATTERY 2.864 V
PCI Data
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage In Use
Bus Width 32 bit
Slot Designation AGP
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI1
Slot Number 1


Graphics
Monitor
Name HP L2045w on NVIDIA GeForce GT 430
Current Resolution 1680x1050 pixels
Work Resolution 1680x1010 pixels
State enabled, primary
Monitor Width 1680
Monitor Height 1050
Monitor BPP 32 bits per pixel
Monitor Frequency 59 Hz
Device \\.\DISPLAY1\Monitor0


GeForce GT 430


GPU GF108
Device ID 10DE-0DE1
Revision A2
Subvendor PNY (196E)
Series GeForce GT 400
Current Performance Level Level 1
Current GPU Clock 50 MHz
Current Memory Clock 135 MHz
Current Shader Clock 101 MHz
Voltage 0.880 V
Die Size 116 nm²
Release Date Oct 11, 2010
DirectX Support 11.0
OpenGL Support 5.0
Bus Interface PCI Express x16
Temperature 39 °C
Driver version 9.18.13.697
BIOS Version 70.08.29.00.52
ROPs 8
Shaders 96 unified
Memory Type DDR3
Physical Memory 1023 MB
Virtual Memory 2816 MB
Bus Width 64x2 (128 bit)
Filtering Modes 16x Anisotropic
Noise Level Quiet
Max Power Draw 49 Watts
Count of performance levels : 3
Level 1 - "Default"
GPU Clock 50 MHz
Memory Clock 135 MHz
Shader Clock 101 MHz
Level 2 - "2D Desktop"
GPU Clock 405 MHz
Memory Clock 324 MHz
Shader Clock 810 MHz
Level 3 - "3D Applications"
GPU Clock 700 MHz
Memory Clock 800 MHz
Shader Clock 1400 MHz
OpenGL
Version 4.2.0
Vendor NVIDIA Corporation
Renderer GeForce GT 430/PCIe/SSE2
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL Extensions
  • 0



#2
RKinner (Malware Expert, 19,793 posts, MVP)

Please post your OTL log (and the Extras log too if you got one.)

Also:

Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc /scannow

(This will check your critical system files. Does it complete without complaint?)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Right-click VEW.exe and Run as Administrator.
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Ron
  • 0
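
The event-log and signature checks requested in the reply above can also be collected from an elevated PowerShell prompt. This is an added example, not part of the original post and not code from VEW or Process Explorer; the report path `triage.txt`, the helper name `Add-Section` and the extra query for unexpected-shutdown event IDs are choices made here, and the script does not clear any logs.

```powershell
# Added example: scripted counterpart of the manual log-collection steps.
# Run from an elevated PowerShell prompt (Run as Administrator).
# The report path is an assumption made for this example.
$report = Join-Path $env:USERPROFILE 'Desktop\triage.txt'
Set-Content -Path $report -Value ("Triage report for {0}, {1}" -f $env:COMPUTERNAME, (Get-Date))

# Hypothetical helper: append a titled section to the report.
function Add-Section {
    param([string]$Title, $Data)
    Add-Content -Path $report -Value ("`r`n===== {0} =====" -f $Title)
    if ($Data) {
        $Data | Format-List | Out-String -Width 200 | Add-Content -Path $report
    } else {
        Add-Content -Path $report -Value '(no matching entries)'
    }
}

# 1. Last 20 Error (level 2) and Warning (level 3) events from the System
#    and Application logs, the same selection made in the VEW steps.
foreach ($log in 'System', 'Application') {
    $events = Get-WinEvent -FilterHashtable @{ LogName = $log; Level = 2, 3 } `
                  -MaxEvents 20 -ErrorAction SilentlyContinue |
              Select-Object TimeCreated, Id, ProviderName, LevelDisplayName, Message
    Add-Section -Title ("{0} log, last 20 errors and warnings" -f $log) -Data $events
}

# 2. Goes beyond the original steps: events that record an unexpected
#    shutdown or bug check. 41 = Kernel-Power, 6008 = EventLog,
#    1001 = BugCheck. ProviderName is kept so other sources that reuse
#    an ID can be told apart.
$shutdowns = Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 41, 1001, 6008 } `
                 -MaxEvents 20 -ErrorAction SilentlyContinue |
             Select-Object TimeCreated, Id, ProviderName, Message
Add-Section -Title 'Unexpected shutdown and bug check events' -Data $shutdowns

# 3. Running processes whose image does not carry a valid Authenticode
#    signature, comparable to Process Explorer's Verified Signer column.
#    Processes whose path cannot be read are skipped. On older PowerShell
#    versions catalog-signed Windows files can be reported as NotSigned,
#    so treat the list as a starting point for review, not as a verdict.
$notValid = Get-Process |
    Where-Object { $_.Path } |
    Select-Object -ExpandProperty Path -Unique |
    ForEach-Object { Get-AuthenticodeSignature -FilePath $_ } |
    Where-Object { $_.Status -ne 'Valid' } |
    Select-Object Status, StatusMessage, Path
Add-Section -Title 'Running images without a valid signature' -Data $notValid

Write-Output ("Report written to {0}" -f $report)
```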

#3
mariaj (Topic Starter, Member, 84 posts)

OTL logfile created on: 29/01/2013 16:30:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maria\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 46.91% Memory free
8.00 Gb Paging File | 5.26 Gb Available in Paging File | 65.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.95 Gb Total Space | 108.98 Gb Free Space | 73.17% Space Free | Partition Type: NTFS
Drive E: | 1397.26 Gb Total Space | 1145.69 Gb Free Space | 82.00% Space Free | Partition Type: NTFS

Computer Name: MARIA-PC | User Name: Maria | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/01/29 16:29:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maria\Downloads\OTL.exe
PRC - [2013/01/09 02:44:46 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2012/12/24 15:47:28 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012/12/24 15:47:27 | 001,737,728 | ---- | M] (Lavasoft Limited ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2012/12/16 05:15:35 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/11/26 12:26:58 | 000,068,168 | ---- | M] (Simplygen) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
PRC - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 02:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/08/04 16:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011/08/04 16:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/12/28 08:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) -- C:\Program Files\BitComet\tools\BitCometService.exe
PRC - [2010/11/21 03:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/07/07 11:21:28 | 000,455,336 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvmon.exe
PRC - [2009/07/07 11:21:28 | 000,025,256 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe
PRC - [2007/06/11 09:25:42 | 006,731,312 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
PRC - [2007/05/30 12:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
PRC - [2006/11/23 16:12:30 | 000,851,968 | ---- | M] () -- C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe
PRC - [2006/03/08 07:56:00 | 000,278,528 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
PRC - [2004/11/22 12:28:10 | 000,200,704 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTPdeSrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/11 03:59:22 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/11 03:53:52 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/11 03:53:44 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/11 03:53:35 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/11 03:52:45 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/11 03:52:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/11 03:52:33 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/11 03:52:07 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/07/14 01:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/07/07 11:21:28 | 000,455,336 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvmon.exe
MOD - [2009/07/07 11:21:28 | 000,025,256 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe
MOD - [2007/10/08 03:59:24 | 000,036,864 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\app4r.monitor.core.dll
MOD - [2007/10/08 03:59:24 | 000,028,672 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\app4r.monitor.common.dll
MOD - [2007/10/08 03:58:32 | 000,057,344 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\app4r.devmons.mcmdevmon.dll
MOD - [2007/09/06 15:38:30 | 000,278,528 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvscw.dll
MOD - [2007/08/10 01:12:14 | 000,011,776 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2007/07/20 06:30:02 | 000,188,416 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvdatr.dll
MOD - [2006/11/23 16:12:30 | 000,851,968 | ---- | M] () -- C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe
MOD - [2006/10/19 08:27:06 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncRs.crl
MOD - [2004/11/22 12:28:12 | 000,028,672 | ---- | M] () -- C:\Windows\SysWOW64\PdeSrvps.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/12/14 06:49:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/01/20 09:03:36 | 000,093,696 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control)
SRV:64bit: - [2010/12/28 08:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Running] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 01:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/09 02:44:48 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/24 15:47:27 | 001,737,728 | ---- | M] (Lavasoft Limited ) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012/11/09 08:57:43 | 000,711,112 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/05/09 22:15:12 | 000,048,128 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files (x86)\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe -- (UWS HiPriv Services)
SRV - [2012/05/09 22:15:10 | 000,064,512 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe -- (UltiDev Web Server Pro)
SRV - [2012/05/09 22:15:10 | 000,044,032 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe -- (UWS LoPriv Services)
SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/30 12:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) [Auto | Running] -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/11/09 08:57:43 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/09/19 10:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/08/24 14:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/26 02:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/04/19 03:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 03:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 12:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 12:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 12:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/23 08:49:00 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/21 03:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/21 03:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 03:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 03:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 03:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 03:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 03:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/08/12 12:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/08/12 11:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/09/17 18:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 20:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/05/30 12:10:42 | 000,014,072 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AvgAsC64.sys -- (AvgAsC64)
DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2005/05/16 00:30:00 | 000,021,888 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctpdusbx.sys -- (Jukebox3_x64)
DRV - [2012/12/24 15:47:44 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/05/30 12:10:42 | 000,012,024 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys -- (AVG Anti-Spyware Driver)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...e=true&tid=2937
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certif...e=true&tid=2937
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...e=true&tid=2937
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...e=true&tid=2937
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.certif...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...e=true&tid=2937
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 FE 1C 84 83 54 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...e=true&tid=2937
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...e=true&tid=2937
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0001078d21636a5
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...GGNI_en-GBGB490
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa/search/redirect/?type=default&user_id=39dda5db-6247-4142-9e8a-badf1265fb0a&query={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2012-06-27 18:05:54&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.babylo...0001078d21636a5
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/09/11 08:01:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012/11/09 08:57:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/12/07 14:44:35 | 000,000,000 | ---D | M]

[2012/07/01 14:11:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions
[2012/07/01 14:11:03 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/11/29 20:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2012/12/13 17:57:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2012/08/25 19:55:44 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]
[2012/11/29 20:15:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins
[2012/12/13 17:57:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/11/18 22:05:09 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2012/10/13 17:27:00 | 000,037,914 | ---- | M] () (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
[2012/10/13 17:27:00 | 000,037,914 | ---- | M] () (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
[2012/07/12 13:05:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/29 20:15:15 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://start.gamesag...play.com/?o=shp
CHR - Extension: No name found = C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmcccagmbagkpbdgpammblejlmiempb\
CHR - Extension: First user = C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\gladcbhcbkdeddbidiblppadjdjalidb\2.1\
CHR - Extension: No name found = C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24\
CHR - Extension: No name found = C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145\

O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4 - HKLM..\Run: [!AVG Anti-Spyware] C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe (GRISOFT s.r.o.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [lxdvamon] C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe ()
O4 - HKLM..\Run: [lxdvmon.exe] C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvmon.exe ()
O4 - HKLM..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean File not found
O4 - HKCU..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKCU..\Run: [CTSyncU.exe] C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU..\Run: [MtdAcqu] C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: MARIA-PC ([]file in Trusted sites)
O15 - HKCU\..Trusted Domains: MARIA-PC ([]http in Trusted sites)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EAA0504-CAA8-4EFA-8AE9-157D25CC463F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47DF5E8B-3C38-4A49-8AE4-17BA667E0764}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/29 16:21:54 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{CEE2EDA0-E652-41D9-A463-CF6DADEA3439}
[2013/01/29 13:04:08 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{65246282-C181-4425-8DED-A4E1253AFBE4}
[2013/01/29 10:07:30 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{B83E2A00-3E53-44ED-836A-8C9A8ED2E99C}
[2013/01/29 09:59:39 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{D24C1401-5812-4168-B9EA-7C2CA7AFA617}
[2013/01/28 21:43:06 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{E716571A-E193-4D7F-9F6A-B3B1D8B22498}
[2013/01/28 09:01:49 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{27AB5A39-01AB-463D-9CE4-FA186A4E38B1}
[2013/01/27 21:01:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{7A94EC17-43F9-40C4-A62B-890E9000A3ED}
[2013/01/27 09:00:35 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{92A14130-D930-466C-B86F-4BBE84743726}
[2013/01/26 21:00:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{28D92090-C799-4240-8D67-36294CFBFA74}
[2013/01/26 08:59:42 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{2F53974D-24E7-42BB-8ABD-FA20BB113448}
[2013/01/25 20:59:28 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{C99A2AD4-1988-4FEE-8A22-97821FEC8F09}
[2013/01/25 08:59:11 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{8051CAA5-D9CE-4719-8688-8BE32C326F79}
[2013/01/24 20:58:46 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{C98161FE-F877-4C1F-96BF-827B620A6A3A}
[2013/01/24 08:58:30 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{D89E7547-1159-4AEB-A071-65D5DAA057A8}
[2013/01/24 00:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Media
[2013/01/24 00:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2013/01/24 00:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/01/23 20:57:51 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{E56D18CC-D84B-47E2-8FBB-6DF08660A79D}
[2013/01/23 15:29:45 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\ExpressFiles
[2013/01/23 14:56:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedyPC Software
[2013/01/23 08:57:36 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{5E43F8EB-CC7B-46FE-9A68-21D4C9F0B2A9}
[2013/01/23 03:19:31 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{6DFFB077-13D0-435B-9D39-C9203F91DFAB}
[2013/01/22 12:04:35 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{46E3DDFB-A00C-4E63-A81A-F27C46C7D991}
[2013/01/22 00:04:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{79D28180-E19B-431C-A97A-4A6ECC1FB9C9}
[2013/01/21 12:03:38 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{F2F6042E-8919-4495-9656-C5F45DF3ECA0}
[2013/01/20 21:50:27 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{3ED34A04-9AEA-41CD-B7D9-077214A75410}
[2013/01/20 09:50:01 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{83CF9621-7D5D-413F-A142-DA06A6D2BF84}
[2013/01/19 21:49:43 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{D923A53F-C29E-412D-95AF-8E781E303799}
[2013/01/19 09:49:29 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{B1CF1034-93F8-4EEA-80B5-E19CB86DBC9D}
[2013/01/18 21:49:08 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{0AE9B0E4-FB85-484B-9B32-0E20F7E15CCA}
[2013/01/18 09:48:40 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{4C501722-561F-42E0-B104-86E863313DED}
[2013/01/17 21:48:23 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{770B40D0-C8B7-4BC0-8077-40B256B6A694}
[2013/01/17 09:47:05 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{1005EB38-76BF-4215-8D19-A293B38562DD}
[2013/01/16 21:46:08 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{19B8CBD4-9B26-4EEB-A4E6-8A4C4EB9087E}
[2013/01/16 09:45:33 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{241B08ED-C5AC-4593-A73C-7AB8E8BF644F}
[2013/01/15 21:45:00 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{0B2A3303-1759-4045-B3E4-8C701B584560}
[2013/01/15 09:44:46 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{2237CE4A-C3AE-4114-A84A-17F29E354D75}
[2013/01/14 19:44:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013/01/14 19:44:06 | 000,000,000 | R--D | C] -- C:\Users\Maria\Podcasts
[2013/01/14 19:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Zune
[2013/01/14 14:50:34 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{CDB89AB3-828C-4756-8F9E-CA6C2CB99465}
[2013/01/14 02:50:21 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{F42792AC-6027-4150-B1A9-170F10572549}
[2013/01/13 14:49:58 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{C8D1775C-A2F8-4C00-9DD1-2972FB3D98B8}
[2013/01/13 02:49:34 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{13DDC374-9E98-4CC4-B869-07243F5CAF5D}
[2013/01/12 14:49:15 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{BFC02536-52F4-4878-8C74-EE44A01EE517}
[2013/01/12 02:48:56 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{D29D29DB-6835-452F-8F8E-483C6DF126CD}
[2013/01/11 14:48:30 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{3906CD8F-EA53-4C05-AACE-2297E580E691}
[2013/01/11 02:47:43 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{4B3416CF-A999-4B24-8DE2-D410C6A3692E}
[2013/01/10 14:47:27 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{548456A8-D3FA-485C-A547-B4EBAB2CA4B9}
[2013/01/10 02:46:56 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{83ACD073-0755-4B7C-B694-C730991DF76E}
[2013/01/09 14:46:34 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{9A172BBA-922A-4857-90F6-276AC4F33FFF}
[2013/01/09 02:46:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{F32CE926-3292-41E2-BC56-9135692C2F87}
[2013/01/08 14:45:44 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{2AD2D624-2DB2-4B85-99F7-77A211420702}
[2013/01/08 02:45:30 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{64F51B91-4184-42EB-9DB4-50E3D4B76754}
[2013/01/07 14:44:54 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{652EAA35-3780-44D4-8C53-BC43CA1C240D}
[2013/01/07 02:44:35 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{DBC335B4-AB4C-4EEB-8087-A3CAD621C5E2}
[2013/01/06 14:44:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{4CD17D0E-C720-4195-993E-6D3BDDBE34DE}
[2013/01/06 02:43:50 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{FA3E709E-85D3-46C5-BCF2-4EAF4B527F94}
[2013/01/05 14:43:03 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{78B7C3E0-C256-41AD-9D01-84234DBAF02C}
[2013/01/05 02:42:23 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{DC8E0DF8-600A-41B5-B896-55804F6BB60A}
[2013/01/04 20:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2013/01/04 20:34:31 | 000,000,000 | ---D | C] -- C:\ProgramData\UltiDev
[2013/01/04 20:34:31 | 000,000,000 | ---D | C] -- C:\Program Files\UltiDev
[2013/01/04 20:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiDev
[2013/01/04 20:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltiDev
[2013/01/04 20:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2013/01/04 20:26:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013/01/04 20:26:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2013/01/04 20:26:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2013/01/04 20:17:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
[2013/01/04 20:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013/01/04 18:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/01/04 15:31:16 | 000,000,000 | ---D | C] -- C:\Users\Maria\Documents\Microsoft Windows Vista Ultimate SP2 (32 Bit) Integrated December 2010 - Cool Release
[2013/01/04 14:42:10 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{DA66E36C-C173-4457-B624-9CB755B4DEC3}
[2013/01/04 02:39:27 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{E714AC37-568B-4600-8723-0028EC6686FF}
[2013/01/03 20:46:04 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\LG Electronics
[2013/01/03 20:44:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/01/03 19:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2013/01/03 14:39:01 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{DE5F7AC4-17AB-4CE5-A549-73A19059E6D9}
[2013/01/03 02:38:48 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{9305E3AD-A04F-4798-812E-DE1E7D09CFE8}
[2013/01/02 14:38:22 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{41B6C7A8-DEED-44EA-A427-8D94CD1D30FC}
[2013/01/02 02:38:02 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{7E2AB1F3-F508-4BCE-B5E2-C58737B01262}
[2013/01/01 14:37:47 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{AE005CAF-C6C3-4947-8DD2-1A403B1BF2FE}
[2013/01/01 02:37:18 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{AD1D8FE2-96A8-499E-9627-FB38D4F16541}
[2012/12/31 14:36:53 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{EAA707E7-E546-4483-BE6C-6145170D6F63}
[2012/12/31 08:26:33 | 000,000,000 | ---D | C] -- C:\Users\Maria\Documents\Jack.Reacher.2012.DVDrip.x264.YIFY
[2012/12/31 02:36:33 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{7D836500-4DAE-4B00-A2A4-9290284B7B88}
[2012/08/12 12:45:54 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Maria\AppData\Roaming\pcouffin.sys
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/29 16:37:01 | 000,001,095 | ---- | M] () -- C:\Users\Maria\Desktop\OTL - Shortcut.lnk
[2013/01/29 16:29:52 | 108,162,288 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2013/01/29 16:27:34 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/29 16:27:34 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/29 16:25:26 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/29 16:18:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/29 16:17:55 | 3220,725,760 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/26 19:17:52 | 000,021,504 | ---- | M] () -- C:\Users\Maria\Documents\sorrow.pub
[2013/01/26 19:17:17 | 000,007,168 | ---- | M] () -- C:\Users\Maria\Documents\Biz1Logo.jsp
[2013/01/26 11:11:04 | 003,346,873 | ---- | M] () -- C:\Users\Maria\Documents\The Book Of Wisdom.pdf
[2013/01/24 10:39:13 | 000,734,655 | ---- | M] () -- C:\Users\Maria\Documents\LifePurposeTips The One Question.pdf
[2013/01/23 21:00:47 | 000,036,352 | ---- | M] () -- C:\Users\Maria\Documents\THE SELF-REFLECTION MANIFESTO....pub
[2013/01/22 21:25:51 | 000,427,871 | ---- | M] () -- C:\Users\Maria\Documents\underrated stress tips 5.pdf
[2013/01/21 16:29:10 | 003,176,014 | ---- | M] () -- C:\Users\Maria\Documents\Most Inspiring Quotes of All Time.pdf
[2013/01/21 16:28:38 | 001,160,427 | ---- | M] () -- C:\Users\Maria\Documents\101 Things To Do Before You Die.pdf
[2013/01/21 16:08:26 | 000,867,943 | ---- | M] () -- C:\Users\Maria\Documents\start over create the life you want.pdf
[2013/01/17 14:12:00 | 000,001,057 | ---- | M] () -- C:\Users\Maria\AppData\Roaming\vso_ts_preview.xml
[2013/01/17 09:23:08 | 000,269,563 | ---- | M] () -- C:\Users\Public\Documents\Prosperity Points.pdf
[2013/01/14 19:14:15 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/14 18:43:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/14 08:34:34 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2013/01/14 08:34:34 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2013/01/12 17:06:31 | 000,306,252 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2013/01/11 03:37:17 | 000,414,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/11 03:17:29 | 000,858,182 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/11 03:17:29 | 000,718,014 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/11 03:17:29 | 000,146,516 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/11 03:17:15 | 000,858,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/06 13:00:00 | 000,000,645 | ---- | M] () -- C:\Users\Maria\Desktop\Photos - Shortcut.lnk
[2013/01/05 14:56:58 | 000,096,768 | ---- | M] () -- C:\Users\Maria\Documents\engagment poem.pub
[2013/01/05 14:46:29 | 000,096,768 | ---- | M] () -- C:\Users\Maria\Documents\engagment poem 2.pub
[2013/01/04 18:56:57 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2013/01/03 20:50:00 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/26 19:17:16 | 000,021,504 | ---- | C] () -- C:\Users\Maria\Documents\sorrow.pub
[2013/01/26 19:17:16 | 000,007,168 | ---- | C] () -- C:\Users\Maria\Documents\Biz1Logo.jsp
[2013/01/26 11:11:03 | 003,346,873 | ---- | C] () -- C:\Users\Maria\Documents\The Book Of Wisdom.pdf
[2013/01/24 10:39:13 | 000,734,655 | ---- | C] () -- C:\Users\Maria\Documents\LifePurposeTips The One Question.pdf
[2013/01/23 18:37:59 | 000,036,352 | ---- | C] () -- C:\Users\Maria\Documents\THE SELF-REFLECTION MANIFESTO....pub
[2013/01/22 21:25:51 | 000,427,871 | ---- | C] () -- C:\Users\Maria\Documents\underrated stress tips 5.pdf
[2013/01/21 16:29:10 | 003,176,014 | ---- | C] () -- C:\Users\Maria\Documents\Most Inspiring Quotes of All Time.pdf
[2013/01/21 16:28:38 | 001,160,427 | ---- | C] () -- C:\Users\Maria\Documents\101 Things To Do Before You Die.pdf
[2013/01/21 16:08:26 | 000,867,943 | ---- | C] () -- C:\Users\Maria\Documents\start over create the life you want.pdf
[2013/01/17 09:22:58 | 000,269,563 | ---- | C] () -- C:\Users\Public\Documents\Prosperity Points.pdf
[2013/01/06 13:00:00 | 000,000,645 | ---- | C] () -- C:\Users\Maria\Desktop\Photos - Shortcut.lnk
[2013/01/05 14:31:35 | 000,096,768 | ---- | C] () -- C:\Users\Maria\Documents\engagment poem 2.pub
[2013/01/04 20:13:23 | 000,858,182 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/04 18:56:57 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2013/01/03 19:58:52 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013/01/03 19:58:52 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/12/30 16:41:43 | 000,096,768 | ---- | C] () -- C:\Users\Maria\Documents\engagment poem.pub
[2012/12/24 15:48:11 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/12/24 15:48:11 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/12/13 17:58:51 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar3.dll
[2012/12/13 17:58:51 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2012/12/13 06:50:32 | 000,107,384 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\Switch.dmp
[2012/11/29 20:15:21 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012/11/25 17:34:45 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2012/11/20 17:59:42 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/08/12 12:45:54 | 000,099,384 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\inst.exe
[2012/08/12 12:45:54 | 000,007,859 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\pcouffin.cat
[2012/08/12 12:45:54 | 000,001,167 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\pcouffin.inf
[2012/08/10 22:03:57 | 000,001,057 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\vso_ts_preview.xml
[2012/07/13 11:33:40 | 000,000,632 | RHS- | C] () -- C:\Users\Maria\ntuser.pol
[2012/07/12 13:15:21 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2012/07/12 13:15:21 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\PdeSrvps.dll
[2012/07/08 12:33:44 | 000,000,582 | ---- | C] () -- C:\Windows\WinInit.Ini
[2012/07/07 18:49:14 | 001,661,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvserv.dll
[2012/07/07 18:49:14 | 001,502,720 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvusb1.dll
[2012/07/07 18:49:14 | 000,977,408 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvpmui.dll
[2012/07/07 18:49:14 | 000,885,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvlmpm.dll
[2012/07/07 18:49:14 | 000,671,744 | ---- | C] ( ) -- C:\Windows\SysWow64\LXDVhcp.dll
[2012/07/07 18:49:14 | 000,541,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvinpa.dll
[2012/07/07 18:49:14 | 000,524,800 | ---- | C] () -- C:\Windows\SysWow64\LXDVinst.dll
[2012/07/07 18:49:14 | 000,510,464 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdviesc.dll
[2012/07/07 18:49:14 | 000,047,104 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvprox.dll
[2012/07/07 18:49:13 | 001,472,512 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvcomc.dll
[2012/07/07 18:49:13 | 001,070,592 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvhbn3.dll
[2012/07/07 18:49:13 | 001,044,136 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvcoms.exe
[2012/07/07 18:49:13 | 000,602,792 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvcfg.exe
[2012/07/07 18:49:13 | 000,562,688 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvcomm.dll
[2012/07/07 18:49:13 | 000,519,336 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvih.exe
[2012/07/07 18:49:13 | 000,299,520 | ---- | C] () -- C:\Windows\SysWow64\lxdvgrd.dll

========== ZeroAccess Check ==========

[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 05:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/06/27 17:29:38 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\5400 Series
[2012/10/24 15:36:06 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\AVG
[2012/06/29 22:57:21 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\AVG2012
[2012/09/09 11:53:59 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Babylon
[2013/01/29 16:45:15 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\BitComet
[2012/07/18 20:40:49 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Canon
[2012/07/05 16:52:11 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\CometPlayer
[2012/12/13 18:15:14 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\DriverCure
[2013/01/23 15:29:58 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\ExpressFiles
[2012/07/12 13:07:08 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Fighters
[2012/12/01 12:46:46 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\FreeVideoConverter
[2012/12/13 22:10:53 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Grisoft
[2012/08/11 16:26:17 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\ImgBurn
[2012/07/08 11:33:59 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Lexmark Productivity Studio
[2012/11/20 17:07:49 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Nullsoft
[2012/08/12 07:37:04 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Optimizer Pro
[2012/12/13 17:58:49 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Simply Super Software
[2012/11/25 16:45:08 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Softplicity
[2012/12/13 18:15:14 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\SpeedyPC Software
[2012/07/05 16:53:14 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\tigerplayer
[2013/01/29 11:06:32 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Vso
[2012/06/29 07:56:32 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Windows Live Writer
[2012/07/12 16:38:06 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\X5400 Series
[2012/09/09 11:53:06 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\YourFileDownloader

========== Purity Check ==========



< End of report >


I've tried downloading the bluescreen but when it's downloaded there is no exe file to run. I have run it as an administrator and it just comes up with a couple of white boxes but there isn't anything in them to click to start a scan?

I'm so sorry, I seem to be useless because I've gone on to the event viewer and I've scrolled down on the log summary and I cannot seem to find windows logs or application?

I have managed to do the command prompt sfc scannow and that came up with no violations.


Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 30/01/2013 20:32:03

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/01/2013 15:42:29
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 30/01/2013 15:38:20
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 30/01/2013 07:13:17
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/01/2013 20:01:36
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/01/2013 16:17:37
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/01/2013 12:58:50
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/01/2013 10:01:04
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/01/2013 09:55:56
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/01/2013 09:54:22
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/01/2013 09:33:45
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 28/01/2013 21:56:03
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 28/01/2013 13:28:25
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 28/01/2013 11:37:42
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 28/01/2013 11:35:16
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 28/01/2013 08:32:18
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 23/01/2013 23:44:10
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 23/01/2013 23:40:34
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 23/01/2013 08:54:16
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 21/01/2013 14:05:31
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 21/01/2013 11:53:10
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/01/2013 15:42:45
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 15:39:35 on ?30/?01/?2013 was unexpected.

Log: 'System' Date/Time: 30/01/2013 15:38:41
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 15:11:47 on ?30/?01/?2013 was unexpected.

Log: 'System' Date/Time: 30/01/2013 10:52:51
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Log: 'System' Date/Time: 30/01/2013 07:13:33
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 07:11:36 on ?30/?01/?2013 was unexpected.

Log: 'System' Date/Time: 29/01/2013 21:43:23
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Log: 'System' Date/Time: 29/01/2013 20:02:00
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 19:19:07 on ?29/?01/?2013 was unexpected.

Log: 'System' Date/Time: 29/01/2013 14:13:24
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Log: 'System' Date/Time: 29/01/2013 13:01:52
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Log: 'System' Date/Time: 29/01/2013 13:01:52
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The Windows Search service terminated with service-specific error %%-1073473535.

Log: 'System' Date/Time: 29/01/2013 13:00:50
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Log: 'System' Date/Time: 29/01/2013 12:40:44
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Log: 'System' Date/Time: 29/01/2013 10:01:18
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 09:59:59 on ?29/?01/?2013 was unexpected.

Log: 'System' Date/Time: 29/01/2013 09:56:11
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 09:54:43 on ?29/?01/?2013 was unexpected.

Log: 'System' Date/Time: 29/01/2013 09:54:42
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 09:36:45 on ?29/?01/?2013 was unexpected.

Log: 'System' Date/Time: 29/01/2013 09:33:59
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 09:32:18 on ?29/?01/?2013 was unexpected.

Log: 'System' Date/Time: 28/01/2013 21:56:26
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 21:45:40 on ?28/?01/?2013 was unexpected.

Log: 'System' Date/Time: 28/01/2013 13:28:46
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 13:23:57 on ?28/?01/?2013 was unexpected.

Log: 'System' Date/Time: 28/01/2013 11:38:03
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 11:36:31 on ?28/?01/?2013 was unexpected.

Log: 'System' Date/Time: 28/01/2013 11:35:38
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 11:34:18 on ?28/?01/?2013 was unexpected.

Log: 'System' Date/Time: 28/01/2013 08:32:44
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 08:15:17 on ?28/?01/?2013 was unexpected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/01/2013 19:04:31
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_CANON&PROD_MG4100_SERIES&REV_0152#7&3855B569&0&10AAFE&0#.

Log: 'System' Date/Time: 30/01/2013 18:12:38
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name secure.shared.live.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 18:12:07
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 15:43:10
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 15:39:07
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 15:09:57
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 11:06:42
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 10:53:01
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 07:28:17
Type: Warning Category: 0
Event: 4 Source: Microsoft-Windows-Kernel-Tm
The TransactionManager (TmId={617E23CE-6A2F-11E2-9BED-806E6F6E6963}, LogPath=\SystemRoot\System32\Config\TxR\{617e23cc-6a2f-11e2-9bed-806e6f6e6963}.TM) has failed to advance its log tail, due to the transaction (UOW={617E2415-6A2F-11E2-9BED-1078D21636A5}, Description='') being unresolved for some time. The transaction must be forced to resolve in order for the TransactionManager to continue to provide transactional services. Forcing the incorrect outcome may cause data corruption in any subordinate ResourceManagers or Transactionmanagers.

Log: 'System' Date/Time: 30/01/2013 07:14:04
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 07:10:40
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 29/01/2013 20:16:36
Type: Warning Category: 0
Event: 4 Source: Microsoft-Windows-Kernel-Tm
The TransactionManager (TmId={617E23CE-6A2F-11E2-9BED-806E6F6E6963}, LogPath=\SystemRoot\System32\Config\TxR\{617e23cc-6a2f-11e2-9bed-806e6f6e6963}.TM) has failed to advance its log tail, due to the transaction (UOW={617E2415-6A2F-11E2-9BED-1078D21636A5}, Description='') being unresolved for some time. The transaction must be forced to resolve in order for the TransactionManager to continue to provide transactional services. Forcing the incorrect outcome may cause data corruption in any subordinate ResourceManagers or Transactionmanagers.

Log: 'System' Date/Time: 29/01/2013 20:02:29
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 29/01/2013 17:34:27
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 29/01/2013 17:28:17
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 29/01/2013 14:13:31
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 29/01/2013 12:59:57
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 29/01/2013 11:59:25
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 29/01/2013 10:41:00
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 29/01/2013 10:27:44
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name messenger.hotmail.com timed out after none of the configured DNS servers responded.



Process PID CPU Private Bytes Working Set Verified Signer
AAWTray.exe 3952 2,056 K 1,352 K (Verified) Lavasoft Limited
armsvc.exe 1776 1,124 K 168 K (Verified) Adobe Systems
audiodg.exe 2124 15,476 K 16,260 K (Unable to verify) (null)
avgcsrva.exe 5584 5,520 K 6,508 K (Unable to verify) (null)
avgcsrva.exe 396 24,828 K 388 K (Unable to verify) (null)
avgemca.exe 3004 4,360 K 3,088 K (Unable to verify) (null)
BJMYPRT.EXE 3428 1,440 K 748 K (Verified) Canon Inc.
CTPdeSrv.exe 4560 1,596 K 1,384 K (Verified) Microsoft Windows Hardware Compatibility Publisher
CTSyncU.exe 3968 7,144 K 2,848 K (Unable to verify)
dllhost.exe 4288 2,140 K 2,660 K (Unable to verify) (null)
FlashUtil32_11_5_502_146_ActiveX.exe 6952 12,900 K 24,512 K (Verified) Adobe Systems Incorporated
GoogleToolbarUser_32.exe 7068 5,172 K 3,380 K (Verified) Google Inc
guard.exe 1852 28,932 K 1,340 K (Verified) GRISOFT LTD
lsm.exe 752 2,532 K 2,132 K (Unable to verify) (null)
lxdvamon.exe 3636 14,564 K 6,460 K (Verified) Lexmark International
mDNSResponder.exe 1920 1,976 K 2,580 K (Verified) Apple Inc.
MtdAcqu.exe 3900 5,900 K 2,176 K (Unable to verify) Creative Technology Ltd
nvSCPAPISvr.exe 972 2,640 K 1,372 K (Verified) NVIDIA Corporation
nvtray.exe 4076 6,272 K 6,112 K (Verified) NVIDIA Corporation
nvvsvc.exe 952 2,180 K 2,652 K (Verified) NVIDIA Corporation
NvXDSync.exe 1428 6,760 K 9,216 K (Unable to verify) (null)
ONENOTEM.EXE 2408 980 K 600 K (Verified) Microsoft Corporation
PrintCtrl.exe 1280 1,076 K 128 K (Unable to verify) ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM
PrintDisp.exe 1708 1,584 K 736 K (Unable to verify) (null)
PrintDisp.exe 3784 1,820 K 1,580 K (Unable to verify) ActMask Co.,Ltd - http://www.all2pdf.com
procexp.exe 3108 2,416 K 6,636 K (Verified) Microsoft Corporation
ProtectedSearch.exe 3776 15,524 K 1,820 K (Unable to verify) (null)
services.exe 716 7,408 K 5,664 K (Unable to verify) (null)
smss.exe 272 372 K 68 K (Unable to verify) (null)
splwow64.exe 5336 3,004 K 5,360 K (Verified) Microsoft Windows
sqlbrowser.exe 1572 1,456 K 180 K (Verified) Microsoft Corporation
sqlservr.exe 1996 51,360 K 1,352 K (Verified) Microsoft Corporation
sqlwriter.exe 1688 1,676 K 1,272 K (Verified) Microsoft Corporation
svchost.exe 3740 2,360 K 2,804 K (Verified) Microsoft Windows
svchost.exe 748 36,280 K 26,820 K (Verified) Microsoft Windows
taskeng.exe 2572 1,612 K 2,252 K (Unable to verify) (null)
taskeng.exe 3472 1,860 K 1,320 K (Unable to verify) (null)
taskhost.exe 2420 5,320 K 4,840 K (Unable to verify) (null)
taskhost.exe 1300 8,252 K 5,316 K (Verified) Microsoft Windows
unsecapp.exe 2916 1,328 K 1,640 K (Unable to verify) (null)
UWS.HighPrivilegeUtilities.exe 2160 21,996 K 252 K (Unable to verify) UltiDev LLC
UWS.LowPrivilegeUtilities.exe 2440 24,432 K 256 K (Unable to verify) UltiDev LLC
wininit.exe 656 1,332 K 140 K (Unable to verify) (null)
winlogon.exe 764 2,484 K 1,780 K (Unable to verify) (null)
WLIDSVCM.EXE 2600 1,008 K 124 K (Unable to verify) (null)
WmiPrvSE.exe 6880 2,764 K 1,792 K (Unable to verify) (null)
WmiPrvSE.exe 2172 2,936 K 2,084 K (Unable to verify) (null)
WUDFHost.exe 6804 1,824 K 5,944 K (Unable to verify) (null)
nvvsvc.exe 1440 < 0.01 4,828 K 3,388 K (Unable to verify) (null)
iTunesHelper.exe 4324 < 0.01 3,432 K 2,680 K (Verified) Apple Inc.
spoolsv.exe 1604 < 0.01 7,344 K 9,200 K (Verified) Microsoft Windows
conhost.exe 3504 < 0.01 1,068 K 360 K (Unable to verify) (null)
conhost.exe 3648 < 0.01 1,072 K 360 K (Unable to verify) (null)
avgrsa.exe 352 < 0.01 31,128 K 592 K (Unable to verify) (null)
svchost.exe 1040 < 0.01 146,120 K 145,932 K (Verified) Microsoft Windows
svchost.exe 1204 < 0.01 9,456 K 12,244 K (Verified) Microsoft Windows
svchost.exe 6124 < 0.01 9,768 K 10,540 K (Verified) Microsoft Windows
WLIDSVC.EXE 2492 < 0.01 7,460 K 8,304 K (Unable to verify) (null)
svchost.exe 100 0.01 6,232 K 6,904 K (Verified) Microsoft Windows
VDeck.exe 3032 0.01 11,940 K 7,184 K (Unable to verify) VIA
svchost.exe 2084 0.01 7,728 K 6,392 K (Verified) Microsoft Windows
avgtray.exe 3024 0.01 7,412 K 10,084 K (Verified) AVG Technologies CZ
daemonu.exe 6960 0.01 2,452 K 1,440 K (Verified) NVIDIA Corporation
svchost.exe 1068 0.01 24,428 K 22,400 K (Verified) Microsoft Windows
AppleMobileDeviceService.exe 1808 0.01 2,812 K 2,344 K (Verified) Apple Inc.
SASCORE64.EXE 1756 0.01 1,984 K 236 K (Unable to verify) (null)
wlcomm.exe 5896 0.01 12,760 K 54,736 K (Verified) Microsoft Corporation
csrss.exe 612 0.01 2,020 K 1,940 K (Unable to verify) (null)
SearchIndexer.exe 5056 0.01 44,312 K 20,328 K (Verified) Microsoft Windows
CNSEUPDT.EXE 3284 0.01 2,744 K 996 K (Verified) Canon Inc.
svchost.exe 1328 0.02 13,992 K 9,884 K (Verified) Microsoft Windows
iexplore.exe 6424 0.02 24,936 K 32,424 K (Verified) Microsoft Windows
avgwdsvc.exe 1876 0.02 9,364 K 10,232 K (Verified) AVG Technologies
AAWService.exe 1412 0.02 70,824 K 42,772 K (Unable to verify) Lavasoft Limited
CNSEMAIN.EXE 4188 0.03 43,840 K 42,292 K (Verified) Canon Inc.
explorer.exe 3112 0.03 49,976 K 65,428 K (Verified) Microsoft Windows
iPodService.exe 4968 0.04 2,352 K 2,276 K (Verified) Apple Inc.
avgidsagent.exe 2664 0.04 16,428 K 15,304 K (Verified) AVG Technologies CZ
wlmail.exe 2632 0.04 86,608 K 183,280 K (Verified) Microsoft Corporation
svchost.exe 1644 0.04 14,368 K 12,204 K (Verified) Microsoft Windows
svchost.exe 1960 0.05 7,288 K 10,736 K (Verified) Microsoft Windows
UWS.AppHost.Clr2.AnyCpu.exe 3492 0.05 50,940 K 19,100 K (Unable to verify) (null)
lsass.exe 744 0.07 6,880 K 8,808 K (Verified) Microsoft Windows
iexplore.exe 6780 0.07 179,444 K 182,540 K (Verified) Microsoft Windows
UltiDev.WebServer.Monitor.exe 2580 0.07 30,780 K 7,732 K (Unable to verify) UltiDev LLC
BitCometService.exe 4100 0.09 1,632 K 1,092 K (Verified) Shanghai Comet Network Technology
svchost.exe 888 0.09 4,260 K 4,664 K (Verified) Microsoft Windows
SUPERANTISPYWARE.EXE 2872 0.10 199,168 K 776 K (Verified) SuperAdBlocker.com
avgas.exe 4312 0.32 39,760 K 2,988 K (Verified) GRISOFT LTD
System 4 0.75 404 K 644 K
avgnsa.exe 2996 1.06 9,956 K 9,640 K (Unable to verify) (null)
wmpnetwk.exe 5132 1.25 12,940 K 15,104 K (Verified) Microsoft Windows
csrss.exe 668 1.37 2,644 K 16,660 K (Unable to verify) (null)
dwm.exe 1296 1.68 74,112 K 74,080 K (Verified) Microsoft Windows
BitComet.exe 3452 2.60 72,420 K 65,644 K (Verified) Shanghai Comet Network Technology
Interrupts n/a 3.07 0 K 0 K
procexp64.exe 5880 5.44 24,156 K 44,520 K (Verified) Sysinternals
System Idle Process 0 32.66 0 K 24 K
UWS.AppHost.Clr2.AnyCpu.exe 3624 48.79 387,924 K 343,900 K (Unable to verify) (null)




I am sorry I have not been able to do those two other things that you have suggested. I really do appreciate all of your advice. Many thanks, Maria
  • 0
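An added example, not part of either post: a short Python triage pass over a Process Explorer text export like the one in the post above, listing processes whose signature could not be verified and that are also busy or large. The function names and thresholds are assumptions chosen for illustration, and the sample rows are an excerpt of the listing above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Excerpt of the Process Explorer listing posted above (header plus ten rows).
SAMPLE = """\
Process PID CPU Private Bytes Working Set Verified Signer
AAWTray.exe 3952 2,056 K 1,352 K (Verified) Lavasoft Limited
CTSyncU.exe 3968 7,144 K 2,848 K (Unable to verify)
smss.exe 272 372 K 68 K (Unable to verify) (null)
nvvsvc.exe 1440 < 0.01 4,828 K 3,388 K (Unable to verify) (null)
System 4 0.75 404 K 644 K
avgnsa.exe 2996 1.06 9,956 K 9,640 K (Unable to verify) (null)
Interrupts n/a 3.07 0 K 0 K
procexp64.exe 5880 5.44 24,156 K 44,520 K (Verified) Sysinternals
System Idle Process 0 32.66 0 K 24 K
UWS.AppHost.Clr2.AnyCpu.exe 3624 48.79 387,924 K 343,900 K (Unable to verify) (null)
"""

# Columns are space-separated, the CPU column may be blank or "< 0.01",
# the name may contain spaces, and pseudo-processes carry no signature column.
ROW = re.compile(
    r"^(?P<name>.+?)\s+(?P<pid>\d+|n/a)\s+"
    r"(?:(?P<cpu><\s*[\d.]+|[\d.]+)\s+)?"
    r"(?P<priv>[\d,]+) K\s+(?P<ws>[\d,]+) K"
    r"(?:\s+\((?P<status>Verified|Unable to verify)\)\s*(?P<signer>.*))?$"
)


@dataclass
class Proc:
    name: str
    pid: Optional[int]        # None for the "Interrupts" pseudo-row
    cpu: float                # blank -> 0.0, "< 0.01" -> 0.01 (upper bound)
    private_kb: int
    working_kb: int
    verified: Optional[bool]  # None when the row has no signature column
    signer: str               # "" when blank or "(null)"


def _kb(text: str) -> int:
    return int(text.replace(",", ""))


def parse_listing(text: str) -> List[Proc]:
    """Parse a pasted Process Explorer listing; non-matching lines are skipped."""
    procs = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header, blank line, or anything that is not a process row
        cpu_raw = m.group("cpu")
        status = m.group("status")
        signer = (m.group("signer") or "").strip()
        procs.append(Proc(
            name=m.group("name"),
            pid=None if m.group("pid") == "n/a" else int(m.group("pid")),
            cpu=float(cpu_raw.lstrip("< ")) if cpu_raw else 0.0,
            private_kb=_kb(m.group("priv")),
            working_kb=_kb(m.group("ws")),
            verified=None if status is None else status == "Verified",
            signer="" if signer == "(null)" else signer,
        ))
    return procs


def triage(procs: List[Proc], cpu_min: float = 1.0,
           private_kb_min: int = 100_000) -> List[Proc]:
    """Unverified processes that are also busy or large, busiest first.

    "Unable to verify" alone is only a sorting hint: the listing above shows
    it on core Windows processes such as smss.exe and csrss.exe as well.
    The two thresholds are illustrative assumptions, not tool defaults.
    """
    hits = [p for p in procs
            if p.verified is False
            and (p.cpu >= cpu_min or p.private_kb >= private_kb_min)]
    return sorted(hits, key=lambda p: (p.cpu, p.private_kb), reverse=True)


if __name__ == "__main__":
    for p in triage(parse_listing(SAMPLE)):
        print(f"{p.name:32} pid={p.pid} cpu={p.cpu:.2f}% private={p.private_kb} K")
```

A process this surfaces is a candidate for a closer look (file path, parent process, the service that starts it), not a verdict.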

#4
RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
Copy the text in the code box by highlighting and Ctrl + c

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...e=true&tid=2937
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certif...e=true&tid=2937
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...2937&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...e=true&tid=2937
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...e=true&tid=2937
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.certif...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...e=true&tid=2937
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...2937&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...e=true&tid=2937
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...e=true&tid=2937
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0001078d21636a5
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa/search/redirect/?type=default&user_id=39dda5db-6247-4142-9e8a-badf1265fb0a&query={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.babylo...0001078d21636a5
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/12/07 14:44:35 | 000,000,000 | ---D | M]
[2012/07/01 14:11:03 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/11/29 20:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\U[2012/08/25 19:55:44 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]
[2012/10/13 17:27:00 | 000,037,914 | ---- | M] () (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
[2012/10/13 17:27:00 | 000,037,914 | ---- | M] () (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O4 - HKLM..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean File not found
O4 - HKCU..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O15 - HKCU\..Trusted Domains: MARIA-PC ([]file in Trusted sites)
O15 - HKCU\..Trusted Domains: MARIA-PC ([]http in Trusted sites)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - File not found

:files
sc config "BITCOMET_HELPER_SERVICE" start= disabled /c
sc config "UWS HiPriv Services" start= disabled /c
sc config "UltiDev Web Server Pro" start= disabled /c
sc config "UWS LoPriv Services" start= disabled /c
C:\Program Files (x86)\UltiDev
C:\ProgramData\Caphyon
C:\ProgramData\UltiDev
C:\Program Files\UltiDev
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiDev
c:\progra~3\browse~1
C:\Program Files\BitComet
C:\Users\Maria\AppData\Roaming\Babylon
C:\Users\Maria\AppData\Roaming\BitComet
C:\Users\Maria\AppData\Roaming\CometPlayer


:Commands
[EMPTYTEMP]
[purity]
[Reboot]


Then right-click on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + v) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.
It appears that Old Timer is now hiding the log in c:\_OTL\MovedFiles\01302013-some number.log so look there if you don't see it.

Download the adwCleaner

  • Run the Tool
    Windows Vista and Windows 7 users:
    Right-click on adwCleaner.exe and select the option
    Posted Image
  • Select the Delete button.
  • When the scan completes, it will open a Notepad window.
  • Please copy the content of this file into your next reply.


Copy the text in the code box:

DRIVES
netsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
rsvpsp.dll
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
user32.dll
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%ProgramFiles%\WINDOWS NT\*.* /s
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp 
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.



I've tried downloading the bluescreen but when it's downloaded there is no exe file to run. I have run it as an administrator and it just comes up with a couple of white boxes but there isn't anything in them to click to start a scan?


That's because it's a zip file. You have to unzip it first. You need to be in the folder where the file is, so if you use Firefox, right-click on it and Open Containing Folder. That will switch you to the right folder and the file will be highlighted. Right-click on it and Extract All. That will create a folder of the same name in the same folder. Inside the folder will be the executable. Right-click on it and run as admin.


I'm so sorry, I seem to be useless because I've gone on to the event viewer and I've scrolled down on the log summary and I cannot seem to find windows logs or application?


Perhaps this picture will help:

[attachment=62823:eventlog.jpg]

Let's also run TDSSKiller and MBAM:

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it by right clicking and Run As Admin.


If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
Before you hit Scan, hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt". Please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy.
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* Follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

This next step will take a long time so go ahead and post your logs from the above.

Your AVG anti-virus looks like it is way out of date so let's replace it with the free Avast.


Download and save the AVG removal tool
http://download.avg....6_2011_1184.exe

Download and save the free Avast installer.
http://www.avast.com...ivirus-download
Uninstall AVG

Run the Avg Remover

Reboot

Install Avast. (Register when it asks you - they will try to talk you into buying the full product but the free version is what we want.)
Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on Boot-Time Scan, then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It will take hours so you may want to let it run while you sleep. (Make sure you mute the speakers before you run it or it will wake you up when Windows finally starts.)
Once it finishes it should load Windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report then View Results. How many did it find? A text version of the file can be found at:
C:\ProgramData\Avast Software\Avast\report\aswboot.txt
If it found anything, please copy and paste aswboot.txt into a reply. If this scan completes successfully then your PC is probably OK and it is something in the software (if it is still happening after the above scans).
  • 0
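What the /md5start ... /md5stop block in the custom scan above asks OTL for, shown as an added example that is not part of the original post and not OTL's own code: find every copy of the listed system files and hash it, so each copy can be compared with a trusted value. The directory tree and the baseline hashes are constructed for the demonstration; a real baseline is assumed to come from a clean install at the same patch level.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

# File names copied from the /md5start ... /md5stop block in the post above.
WATCHED = (
    "rsvpsp.dll", "pnrpnsp.dll", "nwprovau.dll", "nlaapi.dll", "napinsp.dll",
    "mswsock.dll", "winrnr.dll", "wshelper.dll", "services.exe", "atapi.sys",
    "explorer.exe", "winlogon.exe", "Userinit.exe", "svchost.exe", "csrss.exe",
    "PrintIsolationHost.exe", "consrv.dll", "user32.dll",
)


def md5_of(path, chunk_size=1 << 16):
    """Return the hex MD5 of a file, read in chunks so large files are fine."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_copies(root, names=WATCHED):
    """Walk `root`; return {lower-cased name: [(path, md5 or None), ...]}."""
    wanted = {name.lower() for name in names}
    found = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root):
        for filename in sorted(files):
            key = filename.lower()  # Windows file names are case-insensitive
            if key not in wanted:
                continue
            path = os.path.join(dirpath, filename)
            try:
                found[key].append((path, md5_of(path)))
            except OSError:
                found[key].append((path, None))  # locked or unreadable file
    return dict(found)


def classify(found, baseline):
    """Label every copy against `baseline` ({name: set of trusted MD5s}).

    The baseline holds a set per name because several legitimate versions
    of one system file can exist side by side on the same machine.
    """
    rows = []
    for name in sorted(found):
        trusted = baseline.get(name)
        for path, digest in found[name]:
            if digest is None:
                status = "unreadable"
            elif trusted is None:
                status = "no-baseline"
            elif digest in trusted:
                status = "match"
            else:
                status = "MISMATCH"
            rows.append((status, name, digest, path))
    return rows


def demo():
    """Build a constructed directory tree and run the check over it."""
    clean_explorer = b"constructed clean explorer"
    clean_services = b"constructed clean services"
    layout = {
        ("Windows", "explorer.exe"): clean_explorer,
        ("Windows", "System32", "services.exe"): clean_services,
        ("Windows", "System32", "Userinit.exe"): b"constructed userinit",
        ("Windows", "assembly", "tmp", "services.exe"): b"constructed altered copy",
        ("Windows", "System32", "notepad.exe"): b"not on the watch list",
    }
    # Constructed baseline: only two of the watched names have trusted hashes.
    baseline = {
        "explorer.exe": {hashlib.md5(clean_explorer).hexdigest()},
        "services.exe": {hashlib.md5(clean_services).hexdigest()},
    }
    with tempfile.TemporaryDirectory() as root:
        for parts, data in layout.items():
            path = os.path.join(root, *parts)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as handle:
                handle.write(data)
        rows = classify(find_copies(root), baseline)
        return [(status, name, os.path.relpath(path, root))
                for status, name, _digest, path in rows]


if __name__ == "__main__":
    for status, name, rel_path in demo():
        print(f"{status:12} {name:14} {rel_path}")
```

A MISMATCH or no-baseline row is a prompt to look closer at that copy, not a verdict: an updated or differently patched file also hashes differently from an older baseline.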

#5
mariaj

========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Bar| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58bd07eb-0ee0-4df0-8121-dc9b693373df}\ not found.
C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content folder moved successfully.
C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components folder moved successfully.
C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension folder moved successfully.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin folder moved successfully.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\Plugins folder moved successfully.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules folder moved successfully.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF folder moved successfully.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults folder moved successfully.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components folder moved successfully.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome folder moved successfully.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} folder moved successfully.
Folder C:\U[2012/08/25 19:55:44 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]\ not found.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi moved successfully.
C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b278d9f8-0fa9-465e-9938-0c392605d8e3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b278d9f8-0fa9-465e-9938-0c392605d8e3}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Spybot-S&D Cleaning deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BitComet deleted successfully.
C:\Program Files\BitComet\BitComet.exe moved successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&D&ownload &with BitComet\ deleted successfully.
File C:\Program Files\BitComet\BitComet.exe not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&D&ownload all with BitComet\ deleted successfully.
File C:\Program Files\BitComet\BitComet.exe not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&D&ownload &with BitComet\ not found.
File C:\Program Files\BitComet\BitComet.exe not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&D&ownload all with BitComet\ not found.
File C:\Program Files\BitComet\BitComet.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\MARIA-PC\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\MARIA-PC\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll deleted successfully.
========== FILES ==========
< sc config "BITCOMET_HELPER_SERVICE" start= disabled /c >
[SC] ChangeServiceConfig SUCCESS
C:\Users\Maria\Downloads\cmd.bat deleted successfully.
C:\Users\Maria\Downloads\cmd.txt deleted successfully.
< sc config "UWS HiPriv Services" start= disabled /c >
[SC] ChangeServiceConfig SUCCESS
C:\Users\Maria\Downloads\cmd.bat deleted successfully.
C:\Users\Maria\Downloads\cmd.txt deleted successfully.
< sc config "UltiDev Web Server Pro" start= disabled /c >
[SC] ChangeServiceConfig SUCCESS
C:\Users\Maria\Downloads\cmd.bat deleted successfully.
C:\Users\Maria\Downloads\cmd.txt deleted successfully.
< sc config "UWS LoPriv Services" start= disabled /c >
[SC] ChangeServiceConfig SUCCESS
C:\Users\Maria\Downloads\cmd.bat deleted successfully.
C:\Users\Maria\Downloads\cmd.txt deleted successfully.
C:\Program Files (x86)\UltiDev\Web Server\Visual Studio AddRef folder moved successfully.
C:\Program Files (x86)\UltiDev\Web Server\Redist\Visual Studio\en folder moved successfully.
C:\Program Files (x86)\UltiDev\Web Server\Redist\Visual Studio folder moved successfully.
C:\Program Files (x86)\UltiDev\Web Server\Redist\InstallShield folder moved successfully.
C:\Program Files (x86)\UltiDev\Web Server\Redist\Advanced Installer folder moved successfully.
C:\Program Files (x86)\UltiDev\Web Server\Redist folder moved successfully.
C:\Program Files (x86)\UltiDev\Web Server\Redirector\Images folder moved successfully.
C:\Program Files (x86)\UltiDev\Web Server\Redirector\bin folder moved successfully.
C:\Program Files (x86)\UltiDev\Web Server\Redirector folder moved successfully.
Folder move failed. C:\Program Files (x86)\UltiDev\Web Server scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\UltiDev scheduled to be moved on reboot.
C:\ProgramData\Caphyon\Advanced Installer\Prerequisites\UltiDev Web Server Pro folder moved successfully.
C:\ProgramData\Caphyon\Advanced Installer\Prerequisites folder moved successfully.
C:\ProgramData\Caphyon\Advanced Installer folder moved successfully.
C:\ProgramData\Caphyon folder moved successfully.
C:\ProgramData\UltiDev\WebServer folder moved successfully.
C:\ProgramData\UltiDev\Cassini folder moved successfully.
C:\ProgramData\UltiDev folder moved successfully.
C:\Program Files\UltiDev\Web Server folder moved successfully.
C:\Program Files\UltiDev folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiDev\Web Server Pro\Interactive Dev & Test Server folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiDev\Web Server Pro folder moved successfully.
Folder move failed. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiDev scheduled to be moved on reboot.
c:\progra~3\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings folder moved successfully.
c:\progra~3\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} folder moved successfully.
c:\progra~3\Browser Manager\2.5.976.107 folder moved successfully.
c:\progra~3\Browser Manager folder moved successfully.
C:\Program Files\BitComet\tools folder moved successfully.
C:\Program Files\BitComet\rules folder moved successfully.
C:\Program Files\BitComet\lang folder moved successfully.
C:\Program Files\BitComet folder moved successfully.
C:\Users\Maria\AppData\Roaming\Babylon folder moved successfully.
C:\Users\Maria\AppData\Roaming\BitComet\torrents folder moved successfully.
C:\Users\Maria\AppData\Roaming\BitComet\share folder moved successfully.
C:\Users\Maria\AppData\Roaming\BitComet\rules folder moved successfully.
C:\Users\Maria\AppData\Roaming\BitComet\fav folder moved successfully.
Folder move failed. C:\Users\Maria\AppData\Roaming\BitComet\cache scheduled to be moved on reboot.
C:\Users\Maria\AppData\Roaming\BitComet\archive folder moved successfully.
Folder move failed. C:\Users\Maria\AppData\Roaming\BitComet scheduled to be moved on reboot.
C:\Users\Maria\AppData\Roaming\CometPlayer\skin folder moved successfully.
C:\Users\Maria\AppData\Roaming\CometPlayer folder moved successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01302013_213200

Files\Folders moved on Reboot...
C:\Program Files (x86)\UltiDev\Web Server folder moved successfully.
C:\Program Files (x86)\UltiDev folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiDev folder moved successfully.
C:\Users\Maria\AppData\Roaming\BitComet\cache folder moved successfully.
C:\Users\Maria\AppData\Roaming\BitComet folder moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot.

# AdwCleaner v2.109 - Logfile created 01/30/2013 at 21:38:34
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Maria - MARIA-PC
# Boot Mode : Normal
# Running from : C:\Users\Maria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6KQ07MIO\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\Program Files (x86)\Protected Search
Folder Deleted : C:\Program Files (x86)\Smartdl
Folder Deleted : C:\Program Files (x86)\Zoom Downloader
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom Downloader
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Maria\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Maria\AppData\Local\Conduit
Folder Deleted : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\Maria\AppData\Local\Wajam
Folder Deleted : C:\Users\Maria\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Maria\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Maria\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Maria\AppData\LocalLow\Playbryte
Folder Deleted : C:\Users\Maria\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Maria\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Maria\AppData\Roaming\yourfiledownloader

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\96d68bb569ed15
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Playbryte
Key Deleted : HKLM\SOFTWARE\Wow6432Node\96d68bb569ed15
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{250BECD2-5C43-48CF-A3C6-666338526D67}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Playbryte
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [12051 octets] - [30/01/2013 21:38:34]

########## EOF - C:\AdwCleaner[S1].txt - [12112 octets] ##########



OTL logfile created on: 30/01/2013 21:47:47 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maria\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 51.77% Memory free
8.00 Gb Paging File | 5.74 Gb Available in Paging File | 71.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.95 Gb Total Space | 107.98 Gb Free Space | 72.49% Space Free | Partition Type: NTFS
Drive E: | 1397.26 Gb Total Space | 1145.69 Gb Free Space | 82.00% Space Free | Partition Type: NTFS

Computer Name: MARIA-PC | User Name: Maria | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/01/29 16:29:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maria\Downloads\OTL.exe
PRC - [2013/01/09 02:44:46 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2012/12/24 15:47:28 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012/12/24 15:47:27 | 001,737,728 | ---- | M] (Lavasoft Limited ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2012/12/16 05:15:35 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 02:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/08/04 16:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011/08/04 16:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2009/07/07 11:21:28 | 000,455,336 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvmon.exe
PRC - [2009/07/07 11:21:28 | 000,025,256 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe
PRC - [2007/06/11 09:25:42 | 006,731,312 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
PRC - [2007/05/30 12:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
PRC - [2006/11/23 16:12:30 | 000,851,968 | ---- | M] () -- C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe
PRC - [2006/03/08 07:56:00 | 000,278,528 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
PRC - [2004/11/22 12:28:10 | 000,200,704 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTPdeSrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/11 03:53:52 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/11 03:53:44 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/11 03:53:35 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/11 03:52:45 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/11 03:52:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/11 03:52:33 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/11 03:52:07 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/07/14 01:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/07/07 11:21:28 | 000,455,336 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvmon.exe
MOD - [2009/07/07 11:21:28 | 000,025,256 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe
MOD - [2007/10/08 03:59:24 | 000,036,864 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\app4r.monitor.core.dll
MOD - [2007/10/08 03:59:24 | 000,028,672 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\app4r.monitor.common.dll
MOD - [2007/10/08 03:58:32 | 000,057,344 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\app4r.devmons.mcmdevmon.dll
MOD - [2007/09/06 15:38:30 | 000,278,528 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvscw.dll
MOD - [2007/08/10 01:12:14 | 000,011,776 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2007/07/20 06:30:02 | 000,188,416 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvdatr.dll
MOD - [2006/11/23 16:12:30 | 000,851,968 | ---- | M] () -- C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe
MOD - [2006/10/19 08:27:06 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncRs.crl
MOD - [2004/11/22 12:28:12 | 000,028,672 | ---- | M] () -- C:\Windows\SysWOW64\PdeSrvps.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Disabled | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2012/12/14 06:49:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/01/20 09:03:36 | 000,093,696 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control)
SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 01:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/09 02:44:48 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/24 15:47:27 | 001,737,728 | ---- | M] (Lavasoft Limited ) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/27 20:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/30 12:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) [Auto | Running] -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/11/09 08:57:43 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/09/19 10:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/08/24 14:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/26 02:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/04/19 03:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 03:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 12:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 12:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 12:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/23 08:49:00 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/21 03:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/21 03:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 03:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 03:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 03:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 03:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 03:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/08/12 12:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/08/12 11:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/09/17 18:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 20:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/05/30 12:10:42 | 000,014,072 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AvgAsC64.sys -- (AvgAsC64)
DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2005/05/16 00:30:00 | 000,021,888 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctpdusbx.sys -- (Jukebox3_x64)
DRV - [2012/12/24 15:47:44 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/05/30 12:10:42 | 000,012,024 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys -- (AVG Anti-Spyware Driver)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 FE 1C 84 83 54 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...GGNI_en-GBGB490
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/09/11 08:01:26 | 000,000,000 | ---D | M]

[2013/01/30 21:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\extensions
[2012/11/29 20:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2013/01/30 21:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2012/08/25 19:55:44 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]
[2012/11/29 20:15:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins
[2013/01/30 21:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/11/18 22:05:09 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2012/07/12 13:05:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/29 20:15:15 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://start.gamesag...play.com/?o=shp
CHR - Extension: No name found = C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmcccagmbagkpbdgpammblejlmiempb\
CHR - Extension: First user = C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\gladcbhcbkdeddbidiblppadjdjalidb\2.1\
CHR - Extension: No name found = C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145\

O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4 - HKLM..\Run: [!AVG Anti-Spyware] C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe (GRISOFT s.r.o.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [lxdvamon] C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe ()
O4 - HKLM..\Run: [lxdvmon.exe] C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvmon.exe ()
O4 - HKCU..\Run: [CTSyncU.exe] C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU..\Run: [MtdAcqu] C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EAA0504-CAA8-4EFA-8AE9-157D25CC463F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47DF5E8B-3C38-4A49-8AE4-17BA667E0764}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AVG Anti-Spyware Driver - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys ()
SafeBootMin: AVG Anti-Spyware Guard - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe (GRISOFT s.r.o.)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited )
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AVG Anti-Spyware Driver - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys ()
SafeBootNet: AVG Anti-Spyware Guard - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe (GRISOFT s.r.o.)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited )
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/01/30 21:32:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/30 20:13:23 | 000,000,000 | ---D | C] -- C:\Users\Maria\Documents\OneNote Notebooks
[2013/01/30 20:12:48 | 000,000,000 | ---D | C] -- C:\Users\Maria\Desktop\BlueScreenView
[2013/01/30 19:27:32 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
[2013/01/30 19:27:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[2013/01/30 19:11:38 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{A386BA0E-369B-4EFB-A1CD-6E648EF96EBD}
[2013/01/30 15:49:55 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2013/01/30 15:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2013/01/30 07:10:59 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{DED8AF24-425E-4D87-BDDE-A0A0D466CE34}
[2013/01/29 16:21:54 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{CEE2EDA0-E652-41D9-A463-CF6DADEA3439}
[2013/01/29 13:04:08 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{65246282-C181-4425-8DED-A4E1253AFBE4}
[2013/01/29 10:07:30 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{B83E2A00-3E53-44ED-836A-8C9A8ED2E99C}
[2013/01/29 09:59:39 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{D24C1401-5812-4168-B9EA-7C2CA7AFA617}
[2013/01/28 21:43:06 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{E716571A-E193-4D7F-9F6A-B3B1D8B22498}
[2013/01/28 09:01:49 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{27AB5A39-01AB-463D-9CE4-FA186A4E38B1}
[2013/01/27 21:01:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{7A94EC17-43F9-40C4-A62B-890E9000A3ED}
[2013/01/27 09:00:35 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{92A14130-D930-466C-B86F-4BBE84743726}
[2013/01/26 21:00:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{28D92090-C799-4240-8D67-36294CFBFA74}
[2013/01/26 08:59:42 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{2F53974D-24E7-42BB-8ABD-FA20BB113448}
[2013/01/25 20:59:28 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{C99A2AD4-1988-4FEE-8A22-97821FEC8F09}
[2013/01/25 08:59:11 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{8051CAA5-D9CE-4719-8688-8BE32C326F79}
[2013/01/24 20:58:46 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{C98161FE-F877-4C1F-96BF-827B620A6A3A}
[2013/01/24 08:58:30 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{D89E7547-1159-4AEB-A071-65D5DAA057A8}
[2013/01/24 00:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Media
[2013/01/24 00:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2013/01/24 00:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/01/23 20:57:51 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{E56D18CC-D84B-47E2-8FBB-6DF08660A79D}
[2013/01/23 15:29:45 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\ExpressFiles
[2013/01/23 14:56:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedyPC Software
[2013/01/23 08:57:36 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{5E43F8EB-CC7B-46FE-9A68-21D4C9F0B2A9}
[2013/01/23 03:19:31 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{6DFFB077-13D0-435B-9D39-C9203F91DFAB}
[2013/01/22 12:04:35 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{46E3DDFB-A00C-4E63-A81A-F27C46C7D991}
[2013/01/22 00:04:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{79D28180-E19B-431C-A97A-4A6ECC1FB9C9}
[2013/01/21 12:03:38 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{F2F6042E-8919-4495-9656-C5F45DF3ECA0}
[2013/01/20 21:50:27 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{3ED34A04-9AEA-41CD-B7D9-077214A75410}
[2013/01/20 09:50:01 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{83CF9621-7D5D-413F-A142-DA06A6D2BF84}
[2013/01/19 21:49:43 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{D923A53F-C29E-412D-95AF-8E781E303799}
[2013/01/19 09:49:29 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{B1CF1034-93F8-4EEA-80B5-E19CB86DBC9D}
[2013/01/18 21:49:08 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{0AE9B0E4-FB85-484B-9B32-0E20F7E15CCA}
[2013/01/18 09:48:40 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{4C501722-561F-42E0-B104-86E863313DED}
[2013/01/17 21:48:23 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{770B40D0-C8B7-4BC0-8077-40B256B6A694}
[2013/01/17 09:47:05 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{1005EB38-76BF-4215-8D19-A293B38562DD}
[2013/01/16 21:46:08 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{19B8CBD4-9B26-4EEB-A4E6-8A4C4EB9087E}
[2013/01/16 09:45:33 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{241B08ED-C5AC-4593-A73C-7AB8E8BF644F}
[2013/01/15 21:45:00 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{0B2A3303-1759-4045-B3E4-8C701B584560}
[2013/01/15 09:44:46 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{2237CE4A-C3AE-4114-A84A-17F29E354D75}
[2013/01/14 19:44:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013/01/14 19:44:06 | 000,000,000 | R--D | C] -- C:\Users\Maria\Podcasts
[2013/01/14 19:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Zune
[2013/01/14 14:50:34 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{CDB89AB3-828C-4756-8F9E-CA6C2CB99465}
[2013/01/14 02:50:21 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{F42792AC-6027-4150-B1A9-170F10572549}
[2013/01/13 14:49:58 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{C8D1775C-A2F8-4C00-9DD1-2972FB3D98B8}
[2013/01/13 02:49:34 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{13DDC374-9E98-4CC4-B869-07243F5CAF5D}
[2013/01/12 14:49:15 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{BFC02536-52F4-4878-8C74-EE44A01EE517}
[2013/01/12 02:48:56 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{D29D29DB-6835-452F-8F8E-483C6DF126CD}
[2013/01/11 14:48:30 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{3906CD8F-EA53-4C05-AACE-2297E580E691}
[2013/01/11 02:47:43 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{4B3416CF-A999-4B24-8DE2-D410C6A3692E}
[2013/01/10 14:47:27 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{548456A8-D3FA-485C-A547-B4EBAB2CA4B9}
[2013/01/10 07:21:32 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/01/10 07:21:32 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/01/10 07:20:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/01/10 07:19:55 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/01/10 07:19:44 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/01/10 07:19:44 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/01/10 07:19:44 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/01/10 07:19:44 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/01/10 07:19:44 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/01/10 07:19:44 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/01/10 07:19:44 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/01/10 07:19:44 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/01/10 07:19:44 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/01/10 07:19:44 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/01/10 07:19:44 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/01/10 07:19:44 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/01/10 07:19:44 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/01/10 07:19:44 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/01/10 07:19:44 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/01/10 07:19:44 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/01/10 07:19:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/01/10 07:19:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/01/10 07:19:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/01/10 07:19:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/01/10 07:19:44 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/01/10 07:19:44 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/01/10 07:19:43 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/01/10 07:19:43 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/01/10 07:19:43 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/01/10 07:19:43 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/01/10 07:19:43 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/01/10 07:19:43 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/01/10 07:19:43 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/01/10 07:19:43 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/01/10 07:19:43 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/01/10 07:19:43 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/01/10 07:17:50 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/01/10 07:17:49 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/01/10 07:17:48 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/01/10 07:17:48 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/01/10 07:17:48 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/01/10 07:17:48 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/01/10 07:17:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/01/10 07:17:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/01/10 07:17:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/01/10 07:17:48 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/01/10 07:17:48 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/10 07:17:48 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/01/10 07:17:48 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/01/10 07:17:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/10 07:17:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/10 07:17:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/10 07:17:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/10 07:17:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/10 07:17:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/10 07:17:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/01/10 07:17:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/10 07:17:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/10 07:17:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/01/10 07:17:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/01/10 07:17:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/10 07:17:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/10 07:17:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/10 07:17:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/10 07:17:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/10 07:17:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/10 07:17:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/01/10 07:17:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/01/10 07:16:51 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/01/10 02:46:56 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{83ACD073-0755-4B7C-B694-C730991DF76E}
[2013/01/09 14:46:34 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{9A172BBA-922A-4857-90F6-276AC4F33FFF}
[2013/01/09 02:46:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{F32CE926-3292-41E2-BC56-9135692C2F87}
[2013/01/08 14:45:44 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{2AD2D624-2DB2-4B85-99F7-77A211420702}
[2013/01/08 02:45:30 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{64F51B91-4184-42EB-9DB4-50E3D4B76754}
[2013/01/07 14:44:54 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{652EAA35-3780-44D4-8C53-BC43CA1C240D}
[2013/01/07 02:44:35 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{DBC335B4-AB4C-4EEB-8087-A3CAD621C5E2}
[2013/01/06 14:44:13 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{4CD17D0E-C720-4195-993E-6D3BDDBE34DE}
[2013/01/06 02:43:50 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{FA3E709E-85D3-46C5-BCF2-4EAF4B527F94}
[2013/01/05 14:43:03 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{78B7C3E0-C256-41AD-9D01-84234DBAF02C}
[2013/01/05 02:42:23 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{DC8E0DF8-600A-41B5-B896-55804F6BB60A}
[2013/01/04 20:29:28 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-SQLAgent$SQLLANSWEEPER2K8-sqlagtctr10.2.4000.0.dll
[2013/01/04 20:29:11 | 000,072,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-MSSQL$SQLLANSWEEPER2K8-sqlctr10.2.4000.0.dll
[2013/01/04 20:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2013/01/04 20:26:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013/01/04 20:26:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2013/01/04 20:26:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2013/01/04 20:17:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
[2013/01/04 20:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013/01/04 18:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/01/04 15:31:16 | 000,000,000 | ---D | C] -- C:\Users\Maria\Documents\Microsoft Windows Vista Ultimate SP2 (32 Bit) Integrated December 2010 - Cool Release
[2013/01/04 14:42:10 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{DA66E36C-C173-4457-B624-9CB755B4DEC3}
[2013/01/04 02:39:27 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{E714AC37-568B-4600-8723-0028EC6686FF}
[2013/01/03 20:46:04 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\LG Electronics
[2013/01/03 20:44:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/01/03 19:59:02 | 004,342,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100.dll
[2013/01/03 19:59:02 | 000,770,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2013/01/03 19:59:02 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr90.dll
[2013/01/03 19:59:02 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp90.dll
[2013/01/03 19:59:02 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2013/01/03 19:59:02 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcm90.dll
[2013/01/03 19:58:52 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4r.dll
[2013/01/03 19:58:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2013/01/03 19:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2013/01/03 14:39:01 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{DE5F7AC4-17AB-4CE5-A549-73A19059E6D9}
[2013/01/03 02:38:48 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{9305E3AD-A04F-4798-812E-DE1E7D09CFE8}
[2013/01/02 14:38:22 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{41B6C7A8-DEED-44EA-A427-8D94CD1D30FC}
[2013/01/02 02:38:02 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{7E2AB1F3-F508-4BCE-B5E2-C58737B01262}
[2013/01/01 14:37:47 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{AE005CAF-C6C3-4947-8DD2-1A403B1BF2FE}
[2013/01/01 02:37:18 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\{AD1D8FE2-96A8-499E-9627-FB38D4F16541}
[2012/08/12 12:45:54 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Maria\AppData\Roaming\pcouffin.sys
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/30 21:49:12 | 000,027,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/30 21:49:11 | 000,027,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/30 21:43:08 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/30 21:41:07 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/30 21:40:58 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2013/01/30 21:40:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/30 21:40:45 | 3220,725,760 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/30 21:14:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/30 20:13:22 | 000,001,306 | ---- | M] () -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2013/01/30 19:07:39 | 000,028,074 | ---- | M] () -- C:\Users\Public\Documents\wooooooooooooooooooooooooooooo.jpg
[2013/01/30 17:03:59 | 000,058,772 | ---- | M] () -- C:\Users\Maria\Desktop\james cv.rtf
[2013/01/30 10:59:30 | 108,222,540 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2013/01/29 16:52:05 | 000,020,992 | ---- | M] () -- C:\Users\Maria\Documents\graphics.Geforce GT 430.pub
[2013/01/29 16:52:02 | 000,019,456 | ---- | M] () -- C:\Users\Maria\Documents\graphics.pub
[2013/01/29 16:52:02 | 000,007,168 | ---- | M] () -- C:\Users\Maria\Documents\Biz1Logo.jsp
[2013/01/29 16:49:54 | 000,020,480 | ---- | M] () -- C:\Users\Maria\Documents\motherboard.pub
[2013/01/29 16:47:33 | 000,020,480 | ---- | M] () -- C:\Users\Maria\Documents\cpu.pub
[2013/01/29 16:37:01 | 000,001,095 | ---- | M] () -- C:\Users\Maria\Desktop\OTL - Shortcut.lnk
[2013/01/26 19:17:52 | 000,021,504 | ---- | M] () -- C:\Users\Maria\Documents\sorrow.pub
[2013/01/26 11:11:04 | 003,346,873 | ---- | M] () -- C:\Users\Maria\Documents\The Book Of Wisdom.pdf
[2013/01/24 10:39:13 | 000,734,655 | ---- | M] () -- C:\Users\Maria\Documents\LifePurposeTips The One Question.pdf
[2013/01/23 21:00:47 | 000,036,352 | ---- | M] () -- C:\Users\Maria\Documents\THE SELF-REFLECTION MANIFESTO....pub
[2013/01/22 21:25:51 | 000,427,871 | ---- | M] () -- C:\Users\Maria\Documents\underrated stress tips 5.pdf
[2013/01/21 16:29:10 | 003,176,014 | ---- | M] () -- C:\Users\Maria\Documents\Most Inspiring Quotes of All Time.pdf
[2013/01/21 16:28:38 | 001,160,427 | ---- | M] () -- C:\Users\Maria\Documents\101 Things To Do Before You Die.pdf
[2013/01/21 16:08:26 | 000,867,943 | ---- | M] () -- C:\Users\Maria\Documents\start over create the life you want.pdf
[2013/01/17 14:12:00 | 000,001,057 | ---- | M] () -- C:\Users\Maria\AppData\Roaming\vso_ts_preview.xml
[2013/01/17 09:23:08 | 000,269,563 | ---- | M] () -- C:\Users\Public\Documents\Prosperity Points.pdf
[2013/01/14 08:34:34 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2013/01/14 08:34:34 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2013/01/12 17:06:31 | 000,306,252 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2013/01/11 03:37:17 | 000,414,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/11 03:17:29 | 000,858,182 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/11 03:17:29 | 000,718,014 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/11 03:17:29 | 000,146,516 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/11 03:17:15 | 000,858,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/09 02:44:46 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/09 02:44:46 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/06 13:00:00 | 000,000,645 | ---- | M] () -- C:\Users\Maria\Desktop\Photos - Shortcut.lnk
[2013/01/05 14:56:58 | 000,096,768 | ---- | M] () -- C:\Users\Maria\Documents\engagment poem.pub
[2013/01/05 14:46:29 | 000,096,768 | ---- | M] () -- C:\Users\Maria\Documents\engagment poem 2.pub
[2013/01/04 18:56:57 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2013/01/03 20:50:00 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/30 20:13:22 | 000,001,306 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2013/01/30 19:07:38 | 000,028,074 | ---- | C] () -- C:\Users\Public\Documents\wooooooooooooooooooooooooooooo.jpg
[2013/01/30 16:59:32 | 000,058,772 | ---- | C] () -- C:\Users\Maria\Desktop\james cv.rtf
[2013/01/29 20:02:20 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2013/01/29 16:52:02 | 000,020,992 | ---- | C] () -- C:\Users\Maria\Documents\graphics.Geforce GT 430.pub
[2013/01/29 16:49:54 | 000,019,456 | ---- | C] () -- C:\Users\Maria\Documents\graphics.pub
[2013/01/29 16:48:41 | 000,020,480 | ---- | C] () -- C:\Users\Maria\Documents\motherboard.pub
[2013/01/29 16:47:30 | 000,020,480 | ---- | C] () -- C:\Users\Maria\Documents\cpu.pub
[2013/01/29 16:37:01 | 000,001,095 | ---- | C] () -- C:\Users\Maria\Desktop\OTL - Shortcut.lnk
[2013/01/26 19:17:16 | 000,021,504 | ---- | C] () -- C:\Users\Maria\Documents\sorrow.pub
[2013/01/26 19:17:16 | 000,007,168 | ---- | C] () -- C:\Users\Maria\Documents\Biz1Logo.jsp
[2013/01/26 11:11:03 | 003,346,873 | ---- | C] () -- C:\Users\Maria\Documents\The Book Of Wisdom.pdf
[2013/01/24 10:39:13 | 000,734,655 | ---- | C] () -- C:\Users\Maria\Documents\LifePurposeTips The One Question.pdf
[2013/01/23 18:37:59 | 000,036,352 | ---- | C] () -- C:\Users\Maria\Documents\THE SELF-REFLECTION MANIFESTO....pub
[2013/01/22 21:25:51 | 000,427,871 | ---- | C] () -- C:\Users\Maria\Documents\underrated stress tips 5.pdf
[2013/01/21 16:29:10 | 003,176,014 | ---- | C] () -- C:\Users\Maria\Documents\Most Inspiring Quotes of All Time.pdf
[2013/01/21 16:28:38 | 001,160,427 | ---- | C] () -- C:\Users\Maria\Documents\101 Things To Do Before You Die.pdf
[2013/01/21 16:08:26 | 000,867,943 | ---- | C] () -- C:\Users\Maria\Documents\start over create the life you want.pdf
[2013/01/17 09:22:58 | 000,269,563 | ---- | C] () -- C:\Users\Public\Documents\Prosperity Points.pdf
[2013/01/06 13:00:00 | 000,000,645 | ---- | C] () -- C:\Users\Maria\Desktop\Photos - Shortcut.lnk
[2013/01/05 14:31:35 | 000,096,768 | ---- | C] () -- C:\Users\Maria\Documents\engagment poem 2.pub
[2013/01/04 20:13:23 | 000,858,182 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/04 18:56:57 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2013/01/03 19:58:52 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013/01/03 19:58:52 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/12/24 15:48:11 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/12/24 15:48:11 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/12/13 17:58:51 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar3.dll
[2012/12/13 17:58:51 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2012/12/13 06:50:32 | 000,107,384 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\Switch.dmp
[2012/11/29 20:15:21 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012/11/25 17:34:45 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2012/11/20 17:59:42 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/08/12 12:45:54 | 000,099,384 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\inst.exe
[2012/08/12 12:45:54 | 000,007,859 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\pcouffin.cat
[2012/08/12 12:45:54 | 000,001,167 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\pcouffin.inf
[2012/08/10 22:03:57 | 000,001,057 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\vso_ts_preview.xml
[2012/07/13 11:33:40 | 000,000,632 | RHS- | C] () -- C:\Users\Maria\ntuser.pol
[2012/07/12 13:15:21 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2012/07/12 13:15:21 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\PdeSrvps.dll
[2012/07/08 12:33:44 | 000,000,582 | ---- | C] () -- C:\Windows\WinInit.Ini
[2012/07/07 18:49:14 | 001,661,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvserv.dll
[2012/07/07 18:49:14 | 001,502,720 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvusb1.dll
[2012/07/07 18:49:14 | 000,977,408 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvpmui.dll
[2012/07/07 18:49:14 | 000,885,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvlmpm.dll
[2012/07/07 18:49:14 | 000,671,744 | ---- | C] ( ) -- C:\Windows\SysWow64\LXDVhcp.dll
[2012/07/07 18:49:14 | 000,541,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvinpa.dll
[2012/07/07 18:49:14 | 000,524,800 | ---- | C] () -- C:\Windows\SysWow64\LXDVinst.dll
[2012/07/07 18:49:14 | 000,510,464 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdviesc.dll
[2012/07/07 18:49:14 | 000,047,104 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvprox.dll
[2012/07/07 18:49:13 | 001,472,512 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvcomc.dll
[2012/07/07 18:49:13 | 001,070,592 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvhbn3.dll
[2012/07/07 18:49:13 | 001,044,136 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvcoms.exe
[2012/07/07 18:49:13 | 000,602,792 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvcfg.exe
[2012/07/07 18:49:13 | 000,562,688 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvcomm.dll
[2012/07/07 18:49:13 | 000,519,336 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdvih.exe
[2012/07/07 18:49:13 | 000,299,520 | ---- | C] () -- C:\Windows\SysWow64\lxdvgrd.dll

========== ZeroAccess Check ==========

[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 05:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: SAMSUNG HD161GJ SCSI Disk Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: SAMSUNG HD154UI SCSI Disk Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 149.00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,397.00GB
Starting Offset: 1048576
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/06/27 17:29:38 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\5400 Series
[2012/06/27 21:10:38 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Adobe
[2012/10/26 16:06:58 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Apple Computer
[2012/11/18 13:10:59 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\ArcSoft
[2012/10/24 15:36:06 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\AVG
[2012/06/29 22:57:21 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\AVG2012
[2012/10/17 09:27:22 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\AVS4YOU
[2012/07/18 20:40:49 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Canon
[2012/07/12 13:57:27 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Creative
[2012/11/21 07:18:43 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\DivX
[2012/12/13 18:15:14 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\DriverCure
[2013/01/23 15:29:58 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\ExpressFiles
[2012/11/18 07:41:43 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\FastStone
[2012/07/12 13:07:08 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Fighters
[2012/12/01 12:46:46 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\FreeVideoConverter
[2012/07/01 21:46:11 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Google
[2012/12/13 22:10:53 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Grisoft
[2012/06/26 11:21:51 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Identities
[2012/08/11 16:26:17 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\ImgBurn
[2012/07/08 11:33:59 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Lexmark Productivity Studio
[2012/06/27 19:25:00 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Macromedia
[2011/04/12 08:28:08 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Media Center Programs
[2013/01/30 20:13:25 | 000,000,000 | --SD | M] -- C:\Users\Maria\AppData\Roaming\Microsoft
[2012/07/01 14:11:03 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Mozilla
[2012/10/19 06:17:02 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\NCH Software
[2012/11/20 17:07:49 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Nullsoft
[2012/11/20 19:05:58 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\NVIDIA
[2012/12/13 17:58:49 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Simply Super Software
[2012/11/25 16:45:08 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Softplicity
[2012/12/13 18:15:14 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\SpeedyPC Software
[2012/12/14 06:47:57 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\SUPERAntiSpyware.com
[2012/07/05 16:53:14 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\tigerplayer
[2013/01/29 11:06:32 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Vso
[2012/06/29 07:56:32 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\Windows Live Writer
[2012/11/07 22:31:31 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\WinRAR
[2012/07/12 16:38:06 | 000,000,000 | ---D | M] -- C:\Users\Maria\AppData\Roaming\X5400 Series

< MD5 for: ATAPI.SYS >
[2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CSRSS.EXE >
[2009/07/14 01:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/14 01:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 05:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 06:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 06:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 06:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 03:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 03:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2010/11/21 03:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\SysNative\mswsock.dll
[2010/11/21 03:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2010/11/21 03:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll
[2010/11/21 03:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009/07/14 01:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/14 01:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/14 01:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\SysNative\NapiNSP.dll
[2009/07/14 01:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2012/01/13 07:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\SysWOW64\nlaapi.dll
[2012/01/13 07:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
[2010/11/21 03:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2012/10/03 16:29:27 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
[2010/11/21 03:23:54 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2012/10/03 17:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\SysNative\nlaapi.dll
[2012/10/03 17:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
[2012/10/03 17:32:48 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009/07/14 01:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/14 01:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/14 01:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\SysNative\pnrpnsp.dll
[2009/07/14 01:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/14 01:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\SysNative\PrintIsolationHost.exe
[2009/07/14 01:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009/07/14 01:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 01:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 01:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 01:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USER32.DLL >
[2010/11/21 03:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010/11/21 03:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010/11/21 03:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010/11/21 03:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

< MD5 for: USERINIT.EXE >
[2010/11/21 03:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 03:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 03:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 03:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 03:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 03:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/07/14 01:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\SysNative\winrnr.dll
[2009/07/14 01:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/14 01:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/14 01:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009/07/14 01:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/14 01:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/14 01:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/14 01:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< C:\Windows\assembly\tmp\U\*.* /s >

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/06/26 11:39:50 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/06/26 11:39:50 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/06/26 11:39:50 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/11/14 02:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/11/14 02:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/06/26 11:39:48 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/06/26 11:39:48 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/06/26 11:39:48 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/11/14 02:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/11/14 02:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %ProgramFiles%\WINDOWS NT\*.* /s >
[2010/11/21 03:24:51 | 004,247,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\wordpad.exe
[2009/07/14 01:16:20 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\WordpadFilter.dll
[2011/04/12 08:17:25 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\en-US\wordpad.exe.mui
[2009/07/14 01:16:15 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextService.dll
[2009/06/10 21:43:18 | 000,016,212 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceAmharic.txt
[2009/06/10 21:43:18 | 001,272,822 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceArray.txt
[2009/06/10 21:43:18 | 000,980,102 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceDaYi.txt
[2009/06/10 21:43:19 | 001,665,878 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt
[2009/06/10 21:43:19 | 001,445,430 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt
[2009/06/10 21:43:19 | 001,810,352 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt
[2009/06/10 21:43:19 | 000,044,968 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceYi.txt
[2011/04/12 08:17:20 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\TableTextService\en-US\TableTextService.dll.mui

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< >

< End of report >




When it had finished it only came up with one log. I have tried to search for another log but cannot find one.

I've opened the zip file and tried to run it and it is still coming up with two empty boxes with nothing to select to scan?
I'm going to run the others now and I will put the logs up.

#6
mariaj

22:17:29.0520 2068 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:17:29.0857 2068 ============================================================
22:17:29.0857 2068 Current date / time: 2013/01/30 22:17:29.0857
22:17:29.0857 2068 SystemInfo:
22:17:29.0857 2068
22:17:29.0857 2068 OS Version: 6.1.7601 ServicePack: 1.0
22:17:29.0857 2068 Product type: Workstation
22:17:29.0857 2068 ComputerName: MARIA-PC
22:17:29.0858 2068 UserName: Maria
22:17:29.0858 2068 Windows directory: C:\Windows
22:17:29.0858 2068 System windows directory: C:\Windows
22:17:29.0858 2068 Running under WOW64
22:17:29.0858 2068 Processor architecture: Intel x64
22:17:29.0858 2068 Number of processors: 1
22:17:29.0858 2068 Page size: 0x1000
22:17:29.0858 2068 Boot type: Normal boot
22:17:29.0858 2068 ============================================================
22:17:31.0272 2068 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:17:31.0273 2068 Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:17:31.0279 2068 ============================================================
22:17:31.0280 2068 \Device\Harddisk0\DR0:
22:17:31.0280 2068 MBR partitions:
22:17:31.0280 2068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:17:31.0280 2068 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
22:17:31.0280 2068 \Device\Harddisk1\DR1:
22:17:31.0280 2068 MBR partitions:
22:17:31.0280 2068 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800
22:17:31.0280 2068 ============================================================
22:17:31.0298 2068 C: <-> \Device\Harddisk0\DR0\Partition2
22:17:31.0320 2068 E: <-> \Device\Harddisk1\DR1\Partition1
22:17:31.0320 2068 ============================================================
22:17:31.0320 2068 Initialize success
22:17:31.0320 2068 ============================================================
22:17:37.0608 2900 ============================================================
22:17:37.0608 2900 Scan started
22:17:37.0608 2900 Mode: Manual;
22:17:37.0608 2900 ============================================================
22:17:39.0110 2900 ================ Scan system memory ========================
22:17:39.0110 2900 System memory - ok
22:17:48.0011 2900 Netman - ok
22:17:48.0030 2900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:17:48.0056 2900 NetMsmqActivator - ok
22:17:48.0084 2900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:17:48.0085 2900 NetPipeActivator - ok
22:17:48.0122 2900 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:17:48.0126 2900 netprofm - ok
22:17:48.0133 2900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:17:48.0200 2900 NetTcpActivator - ok
22:17:48.0208 2900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:17:48.0209 2900 NetTcpPortSharing - ok
22:17:48.0243 2900 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:17:48.0244 2900 nfrd960 - ok
22:17:48.0277 2900 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:17:48.0280 2900 NlaSvc - ok
22:17:48.0293 2900 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:17:48.0294 2900 Npfs - ok
22:17:48.0312 2900 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:17:48.0314 2900 nsi - ok
22:17:48.0346 2900 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:17:48.0347 2900 nsiproxy - ok
22:17:48.0392 2900 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:17:48.0406 2900 Ntfs - ok
22:17:48.0420 2900 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:17:48.0421 2900 Null - ok
22:17:48.0469 2900 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
22:17:48.0473 2900 NVENETFD - ok
22:17:48.0559 2900 [ 857FB74754EBFF94EE3AD40788740916 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
22:17:48.0567 2900 NVHDA - ok
22:17:48.0942 2900 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:17:49.0136 2900 nvlddmkm - ok
22:17:49.0183 2900 [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
22:17:49.0186 2900 NVNET - ok
22:17:49.0209 2900 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:17:49.0211 2900 nvraid - ok
22:17:49.0236 2900 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:17:49.0237 2900 nvstor - ok
22:17:49.0294 2900 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
22:17:49.0300 2900 NVSvc - ok
22:17:49.0379 2900 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:17:49.0386 2900 nvUpdatusService - ok
22:17:49.0431 2900 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:17:49.0433 2900 nv_agp - ok
22:17:49.0512 2900 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:17:49.0523 2900 odserv - ok
22:17:49.0552 2900 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:17:49.0554 2900 ohci1394 - ok
22:17:49.0611 2900 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:17:49.0613 2900 ose - ok
22:17:49.0651 2900 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:17:49.0657 2900 p2pimsvc - ok
22:17:49.0675 2900 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:17:49.0681 2900 p2psvc - ok
22:17:49.0714 2900 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:17:49.0716 2900 Parport - ok
22:17:49.0744 2900 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:17:49.0745 2900 partmgr - ok
22:17:49.0765 2900 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:17:49.0768 2900 PcaSvc - ok
22:17:49.0791 2900 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:17:49.0792 2900 pci - ok
22:17:49.0811 2900 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:17:49.0811 2900 pciide - ok
22:17:49.0845 2900 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:17:49.0847 2900 pcmcia - ok
22:17:49.0861 2900 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:17:49.0862 2900 pcw - ok
22:17:49.0883 2900 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:17:49.0886 2900 PEAUTH - ok
22:17:49.0933 2900 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
22:17:49.0946 2900 PeerDistSvc - ok
22:17:50.0022 2900 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:17:50.0024 2900 PerfHost - ok
22:17:50.0073 2900 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:17:50.0087 2900 pla - ok
22:17:50.0149 2900 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:17:50.0166 2900 PlugPlay - ok
22:17:50.0186 2900 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:17:50.0188 2900 PNRPAutoReg - ok
22:17:50.0213 2900 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:17:50.0215 2900 PNRPsvc - ok
22:17:50.0250 2900 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:17:50.0255 2900 PolicyAgent - ok
22:17:50.0284 2900 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:17:50.0286 2900 Power - ok
22:17:50.0332 2900 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:17:50.0333 2900 PptpMiniport - ok
22:17:50.0382 2900 [ 7BDEE918920E7BCA1052C95A9F3CE06C ] Printer Control C:\Windows\system32\PrintCtrl.exe
22:17:50.0384 2900 Printer Control - ok
22:17:50.0403 2900 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
22:17:50.0404 2900 Processor - ok
22:17:50.0431 2900 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:17:50.0433 2900 ProfSvc - ok
22:17:50.0450 2900 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:17:50.0451 2900 ProtectedStorage - ok
22:17:50.0483 2900 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:17:50.0485 2900 Psched - ok
22:17:50.0520 2900 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:17:50.0536 2900 ql2300 - ok
22:17:50.0552 2900 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:17:50.0554 2900 ql40xx - ok
22:17:50.0583 2900 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:17:50.0587 2900 QWAVE - ok
22:17:50.0606 2900 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:17:50.0607 2900 QWAVEdrv - ok
22:17:50.0619 2900 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:17:50.0620 2900 RasAcd - ok
22:17:50.0658 2900 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:17:50.0659 2900 RasAgileVpn - ok
22:17:50.0684 2900 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:17:50.0686 2900 RasAuto - ok
22:17:50.0704 2900 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:17:50.0707 2900 Rasl2tp - ok
22:17:50.0726 2900 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:17:50.0731 2900 RasMan - ok
22:17:50.0746 2900 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:17:50.0748 2900 RasPppoe - ok
22:17:50.0783 2900 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:17:50.0785 2900 RasSstp - ok
22:17:50.0803 2900 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:17:50.0807 2900 rdbss - ok
22:17:50.0819 2900 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:17:50.0820 2900 rdpbus - ok
22:17:50.0831 2900 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:17:50.0831 2900 RDPCDD - ok
22:17:50.0869 2900 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:17:50.0871 2900 RDPDR - ok
22:17:50.0901 2900 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:17:50.0902 2900 RDPENCDD - ok
22:17:50.0916 2900 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:17:50.0917 2900 RDPREFMP - ok
22:17:50.0948 2900 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:17:50.0949 2900 RdpVideoMiniport - ok
22:17:50.0978 2900 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:17:50.0980 2900 RDPWD - ok
22:17:50.0998 2900 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:17:50.0999 2900 rdyboost - ok
22:17:51.0023 2900 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:17:51.0025 2900 RemoteAccess - ok
22:17:51.0048 2900 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:17:51.0051 2900 RemoteRegistry - ok
22:17:51.0090 2900 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
22:17:51.0091 2900 RimUsb - ok
22:17:51.0107 2900 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:17:51.0109 2900 RpcEptMapper - ok
22:17:51.0118 2900 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:17:51.0119 2900 RpcLocator - ok
22:17:51.0142 2900 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:17:51.0145 2900 RpcSs - ok
22:17:51.0186 2900 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:17:51.0187 2900 rspndr - ok
22:17:51.0205 2900 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
22:17:51.0205 2900 s3cap - ok
22:17:51.0221 2900 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:17:51.0223 2900 SamSs - ok
22:17:51.0315 2900 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:17:51.0317 2900 SASDIFSV - ok
22:17:51.0371 2900 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:17:51.0374 2900 SASKUTIL - ok
22:17:51.0409 2900 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:17:51.0411 2900 sbp2port - ok
22:17:51.0441 2900 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:17:51.0446 2900 SCardSvr - ok
22:17:51.0466 2900 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:17:51.0467 2900 scfilter - ok
22:17:51.0497 2900 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:17:51.0508 2900 Schedule - ok
22:17:51.0534 2900 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:17:51.0534 2900 SCPolicySvc - ok
22:17:51.0553 2900 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:17:51.0556 2900 SDRSVC - ok
22:17:51.0591 2900 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:17:51.0591 2900 secdrv - ok
22:17:51.0607 2900 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:17:51.0609 2900 seclogon - ok
22:17:51.0624 2900 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:17:51.0626 2900 SENS - ok
22:17:51.0636 2900 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:17:51.0637 2900 SensrSvc - ok
22:17:51.0673 2900 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:17:51.0674 2900 Serenum - ok
22:17:51.0715 2900 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:17:51.0716 2900 Serial - ok
22:17:51.0732 2900 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:17:51.0733 2900 sermouse - ok
22:17:51.0758 2900 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:17:51.0761 2900 SessionEnv - ok
22:17:51.0775 2900 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:17:51.0786 2900 sffdisk - ok
22:17:51.0807 2900 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:17:51.0808 2900 sffp_mmc - ok
22:17:51.0827 2900 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:17:51.0827 2900 sffp_sd - ok
22:17:51.0847 2900 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:17:51.0848 2900 sfloppy - ok
22:17:51.0878 2900 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:17:51.0882 2900 SharedAccess - ok
22:17:51.0919 2900 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:17:51.0922 2900 ShellHWDetection - ok
22:17:51.0967 2900 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:17:51.0968 2900 SiSRaid2 - ok
22:17:51.0993 2900 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:17:51.0995 2900 SiSRaid4 - ok
22:17:52.0032 2900 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:17:52.0034 2900 Smb - ok
22:17:52.0070 2900 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:17:52.0072 2900 SNMPTRAP - ok
22:17:52.0088 2900 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:17:52.0089 2900 spldr - ok
22:17:52.0122 2900 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:17:52.0126 2900 Spooler - ok
22:17:52.0185 2900 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:17:52.0203 2900 sppsvc - ok
22:17:52.0221 2900 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:17:52.0224 2900 sppuinotify - ok
22:17:52.0333 2900 [ D494597E8C665F2D515D9D24FA9616EF ] SQLAgent$SQLLANSWEEPER2K8 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE
22:17:52.0341 2900 SQLAgent$SQLLANSWEEPER2K8 - ok
22:17:52.0396 2900 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:17:52.0401 2900 SQLBrowser - ok
22:17:52.0472 2900 [ C298D989D717CB153702E397B6D9AAAD ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:17:52.0476 2900 SQLWriter - ok
22:17:52.0528 2900 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:17:52.0534 2900 srv - ok
22:17:52.0561 2900 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:17:52.0567 2900 srv2 - ok
22:17:52.0592 2900 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:17:52.0594 2900 srvnet - ok
22:17:52.0655 2900 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:17:52.0660 2900 SSDPSRV - ok
22:17:52.0689 2900 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:17:52.0693 2900 SstpSvc - ok
22:17:52.0749 2900 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:17:52.0752 2900 Stereo Service - ok
22:17:52.0783 2900 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:17:52.0784 2900 stexstor - ok
22:17:52.0831 2900 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:17:52.0835 2900 stisvc - ok
22:17:52.0862 2900 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
22:17:52.0863 2900 storflt - ok
22:17:52.0899 2900 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:17:52.0901 2900 storvsc - ok
22:17:52.0929 2900 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:17:52.0930 2900 swenum - ok
22:17:52.0979 2900 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:17:52.0985 2900 swprv - ok
22:17:53.0002 2900 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
22:17:53.0004 2900 Synth3dVsc - ok
22:17:53.0040 2900 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:17:53.0055 2900 SysMain - ok
22:17:53.0069 2900 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:17:53.0071 2900 TabletInputService - ok
22:17:53.0086 2900 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:17:53.0090 2900 TapiSrv - ok
22:17:53.0118 2900 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:17:53.0121 2900 TBS - ok
22:17:53.0184 2900 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:17:53.0205 2900 Tcpip - ok
22:17:53.0254 2900 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:17:53.0265 2900 TCPIP6 - ok
22:17:53.0281 2900 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:17:53.0282 2900 tcpipreg - ok
22:17:53.0309 2900 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:17:53.0310 2900 TDPIPE - ok
22:17:53.0335 2900 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:17:53.0336 2900 TDTCP - ok
22:17:53.0355 2900 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:17:53.0356 2900 tdx - ok
22:17:53.0372 2900 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:17:53.0373 2900 TermDD - ok
22:17:53.0396 2900 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
22:17:53.0397 2900 terminpt - ok
22:17:53.0430 2900 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:17:53.0437 2900 TermService - ok
22:17:53.0449 2900 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:17:53.0451 2900 Themes - ok
22:17:53.0467 2900 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:17:53.0469 2900 THREADORDER - ok
22:17:53.0488 2900 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:17:53.0490 2900 TrkWks - ok
22:17:53.0530 2900 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:17:53.0534 2900 TrustedInstaller - ok
22:17:53.0567 2900 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:17:53.0568 2900 tssecsrv - ok
22:17:53.0603 2900 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:17:53.0604 2900 TsUsbFlt - ok
22:17:53.0633 2900 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:17:53.0634 2900 TsUsbGD - ok
22:17:53.0665 2900 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
22:17:53.0666 2900 tsusbhub - ok
22:17:53.0708 2900 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:17:53.0716 2900 tunnel - ok
22:17:53.0734 2900 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:17:53.0736 2900 uagp35 - ok
22:17:53.0757 2900 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:17:53.0760 2900 udfs - ok
22:17:53.0794 2900 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:17:53.0796 2900 UI0Detect - ok
22:17:53.0850 2900 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:17:53.0853 2900 uliagpkx - ok
22:17:53.0884 2900 UltiDev Web Server Pro - ok
22:17:53.0914 2900 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:17:53.0916 2900 umbus - ok
22:17:53.0928 2900 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
22:17:53.0929 2900 UmPass - ok
22:17:53.0963 2900 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
22:17:53.0966 2900 UmRdpService - ok
22:17:53.0987 2900 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:17:53.0992 2900 upnphost - ok
22:17:54.0048 2900 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
22:17:54.0049 2900 USBAAPL64 - ok
22:17:54.0081 2900 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:17:54.0082 2900 usbccgp - ok
22:17:54.0129 2900 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:17:54.0132 2900 usbcir - ok
22:17:54.0174 2900 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:17:54.0176 2900 usbehci - ok
22:17:54.0229 2900 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:17:54.0234 2900 usbhub - ok
22:17:54.0267 2900 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
22:17:54.0268 2900 usbohci - ok
22:17:54.0310 2900 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:17:54.0311 2900 usbprint - ok
22:17:54.0367 2900 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:17:54.0370 2900 usbscan - ok
22:17:54.0419 2900 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:17:54.0421 2900 USBSTOR - ok
22:17:54.0447 2900 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:17:54.0448 2900 usbuhci - ok
22:17:54.0498 2900 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
22:17:54.0499 2900 usb_rndisx - ok
22:17:54.0509 2900 UWS HiPriv Services - ok
22:17:54.0519 2900 UWS LoPriv Services - ok
22:17:54.0543 2900 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:17:54.0544 2900 UxSms - ok
22:17:54.0556 2900 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:17:54.0557 2900 VaultSvc - ok
22:17:54.0603 2900 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:17:54.0603 2900 vdrvroot - ok
22:17:54.0641 2900 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:17:54.0648 2900 vds - ok
22:17:54.0661 2900 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:17:54.0662 2900 vga - ok
22:17:54.0669 2900 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:17:54.0670 2900 VgaSave - ok
22:17:54.0678 2900 VGPU - ok
22:17:54.0694 2900 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:17:54.0696 2900 vhdmp - ok
22:17:54.0753 2900 [ 906A7C6B6659A650648CF21998270945 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
22:17:54.0765 2900 VIAHdAudAddService - ok
22:17:54.0781 2900 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:17:54.0782 2900 viaide - ok
22:17:54.0810 2900 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
22:17:54.0813 2900 vmbus - ok
22:17:54.0833 2900 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
22:17:54.0833 2900 VMBusHID - ok
22:17:54.0848 2900 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:17:54.0849 2900 volmgr - ok
22:17:54.0865 2900 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:17:54.0868 2900 volmgrx - ok
22:17:54.0897 2900 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:17:54.0899 2900 volsnap - ok
22:17:54.0935 2900 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:17:54.0937 2900 vsmraid - ok
22:17:54.0986 2900 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:17:54.0995 2900 VSS - ok
22:17:55.0047 2900 vToolbarUpdater13.2.0 - ok
22:17:55.0075 2900 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:17:55.0077 2900 vwifibus - ok
22:17:55.0097 2900 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:17:55.0103 2900 W32Time - ok
22:17:55.0133 2900 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:17:55.0134 2900 WacomPen - ok
22:17:55.0161 2900 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:17:55.0163 2900 WANARP - ok
22:17:55.0184 2900 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:17:55.0185 2900 Wanarpv6 - ok
22:17:55.0239 2900 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:17:55.0250 2900 WatAdminSvc - ok
22:17:55.0295 2900 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:17:55.0310 2900 wbengine - ok
22:17:55.0348 2900 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:17:55.0351 2900 WbioSrvc - ok
22:17:55.0373 2900 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:17:55.0378 2900 wcncsvc - ok
22:17:55.0398 2900 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:17:55.0400 2900 WcsPlugInService - ok
22:17:55.0425 2900 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
22:17:55.0426 2900 Wd - ok
22:17:55.0462 2900 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:17:55.0466 2900 Wdf01000 - ok
22:17:55.0478 2900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:17:55.0481 2900 WdiServiceHost - ok
22:17:55.0487 2900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:17:55.0489 2900 WdiSystemHost - ok
22:17:55.0509 2900 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:17:55.0514 2900 WebClient - ok
22:17:55.0528 2900 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:17:55.0532 2900 Wecsvc - ok
22:17:55.0554 2900 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:17:55.0557 2900 wercplsupport - ok
22:17:55.0586 2900 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:17:55.0589 2900 WerSvc - ok
22:17:55.0621 2900 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:17:55.0621 2900 WfpLwf - ok
22:17:55.0647 2900 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:17:55.0648 2900 WIMMount - ok
22:17:55.0676 2900 WinDefend - ok
22:17:55.0701 2900 WinHttpAutoProxySvc - ok
22:17:55.0753 2900 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:17:55.0760 2900 Winmgmt - ok
22:17:55.0834 2900 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:17:55.0854 2900 WinRM - ok
22:17:55.0931 2900 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:17:55.0933 2900 WinUsb - ok
22:17:55.0988 2900 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:17:56.0001 2900 Wlansvc - ok
22:17:56.0107 2900 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:17:56.0123 2900 wlidsvc - ok
22:17:56.0145 2900 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:17:56.0146 2900 WmiAcpi - ok
22:17:56.0173 2900 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:17:56.0175 2900 wmiApSrv - ok
22:17:56.0212 2900 WMPNetworkSvc - ok
22:17:56.0236 2900 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:17:56.0237 2900 WPCSvc - ok
22:17:56.0252 2900 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:17:56.0254 2900 WPDBusEnum - ok
22:17:56.0278 2900 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:17:56.0279 2900 ws2ifsl - ok
22:17:56.0295 2900 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:17:56.0297 2900 wscsvc - ok
22:17:56.0304 2900 WSearch - ok
22:17:56.0373 2900 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:17:56.0396 2900 wuauserv - ok
22:17:56.0426 2900 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:17:56.0427 2900 WudfPf - ok
22:17:56.0466 2900 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:17:56.0468 2900 WUDFRd - ok
22:17:56.0500 2900 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:17:56.0503 2900 wudfsvc - ok
22:17:56.0527 2900 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:17:56.0531 2900 WwanSvc - ok
22:17:56.0572 2900 ================ Scan global ===============================
22:17:56.0598 2900 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:17:56.0632 2900 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
22:17:56.0640 2900 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
22:17:56.0674 2900 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:17:56.0695 2900 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:17:56.0700 2900 [Global] - ok
22:17:56.0702 2900 ================ Scan MBR ==================================
22:17:56.0710 2900 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:17:56.0908 2900 \Device\Harddisk0\DR0 - ok
22:17:56.0914 2900 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:17:56.0916 2900 \Device\Harddisk1\DR1 - ok
22:17:56.0919 2900 ================ Scan VBR ==================================
22:17:56.0922 2900 [ 883FF5AE54A479A73EE6EF5328F28FDE ] \Device\Harddisk0\DR0\Partition1
22:17:56.0923 2900 \Device\Harddisk0\DR0\Partition1 - ok
22:17:56.0935 2900 [ 09E145BB0FF09C9D85B81E92909277FA ] \Device\Harddisk0\DR0\Partition2
22:17:56.0937 2900 \Device\Harddisk0\DR0\Partition2 - ok
22:17:56.0942 2900 [ B1002D79EF2AD8894397C427BD4AB6BB ] \Device\Harddisk1\DR1\Partition1
22:17:56.0944 2900 \Device\Harddisk1\DR1\Partition1 - ok
22:17:56.0947 2900 ============================================================
22:17:56.0947 2900 Scan finished
22:17:56.0947 2900 ============================================================
22:17:56.0958 5988 Detected object count: 0
22:17:56.0958 5988 Actual detected object count: 0
22:18:31.0987 3712 ============================================================
22:18:31.0987 3712 Scan started
22:18:31.0987 3712 Mode: Manual; SigCheck; TDLFS;
22:18:31.0987 3712 ============================================================
22:18:32.0170 3712 ================ Scan system memory ========================
22:18:32.0170 3712 System memory - ok
22:18:32.0176 3712 ================ Scan services =============================
22:18:32.0235 3712 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:18:32.0304 3712 !SASCORE - ok
22:18:32.0456 3712 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:18:32.0529 3712 1394ohci - ok
22:18:32.0554 3712 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:18:32.0568 3712 ACPI - ok
22:18:32.0581 3712 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:18:32.0612 3712 AcpiPmi - ok
22:18:32.0765 3712 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:18:32.0799 3712 AdobeARMservice - ok
22:18:32.0970 3712 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:18:32.0990 3712 AdobeFlashPlayerUpdateSvc - ok
22:18:33.0022 3712 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:18:33.0039 3712 adp94xx - ok
22:18:33.0056 3712 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:18:33.0070 3712 adpahci - ok
22:18:33.0087 3712 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:18:33.0098 3712 adpu320 - ok
22:18:33.0129 3712 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:18:33.0170 3712 AeLookupSvc - ok
22:18:33.0211 3712 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:18:33.0226 3712 AFD - ok
22:18:33.0241 3712 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:18:33.0251 3712 agp440 - ok
22:18:33.0269 3712 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:18:33.0295 3712 ALG - ok
22:18:33.0314 3712 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:18:33.0324 3712 aliide - ok
22:18:33.0340 3712 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:18:33.0350 3712 amdide - ok
22:18:33.0363 3712 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:18:33.0377 3712 AmdK8 - ok
22:18:33.0397 3712 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:18:33.0423 3712 AmdPPM - ok
22:18:33.0450 3712 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:18:33.0462 3712 amdsata - ok
22:18:33.0479 3712 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:18:33.0491 3712 amdsbs - ok
22:18:33.0521 3712 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:18:33.0531 3712 amdxata - ok
22:18:33.0538 3712 Andbus - ok
22:18:33.0545 3712 AndDiag - ok
22:18:33.0551 3712 AndGps - ok
22:18:33.0559 3712 ANDModem - ok
22:18:33.0571 3712 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:18:33.0613 3712 AppID - ok
22:18:33.0634 3712 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:18:33.0665 3712 AppIDSvc - ok
22:18:33.0681 3712 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:18:33.0724 3712 Appinfo - ok
22:18:33.0780 3712 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:18:33.0798 3712 Apple Mobile Device - ok
22:18:33.0835 3712 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
22:18:33.0859 3712 AppMgmt - ok
22:18:33.0882 3712 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
22:18:33.0893 3712 arc - ok
22:18:33.0911 3712 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:18:33.0923 3712 arcsas - ok
22:18:34.0050 3712 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:18:34.0072 3712 aspnet_state - ok
22:18:34.0091 3712 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:18:34.0135 3712 AsyncMac - ok
22:18:34.0154 3712 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:18:34.0164 3712 atapi - ok
22:18:34.0195 3712 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:18:34.0228 3712 AudioEndpointBuilder - ok
22:18:34.0240 3712 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:18:34.0274 3712 AudioSrv - ok
22:18:34.0314 3712 [ 9BDF898574A559BDCFE6F4562417BB1C ] AVG Anti-Spyware Driver C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys
22:18:34.0328 3712 AVG Anti-Spyware Driver - ok
22:18:34.0347 3712 [ 5DCD235C061022BCDA9AA48670B64211 ] AVG Anti-Spyware Guard C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
22:18:34.0359 3712 AVG Anti-Spyware Guard - ok
22:18:34.0374 3712 [ B1D20447EE6C1A1FF4009DA17B60CC04 ] AvgAsC64 C:\Windows\system32\DRIVERS\AvgAsC64.sys
22:18:34.0383 3712 AvgAsC64 - ok
22:18:34.0530 3712 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
22:18:34.0612 3712 AVGIDSAgent - ok
22:18:34.0634 3712 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
22:18:34.0646 3712 AVGIDSDriver - ok
22:18:34.0659 3712 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
22:18:34.0668 3712 AVGIDSFilter - ok
22:18:34.0682 3712 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
22:18:34.0693 3712 AVGIDSHA - ok
22:18:34.0727 3712 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
22:18:34.0741 3712 Avgldx64 - ok
22:18:34.0755 3712 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
22:18:34.0764 3712 Avgmfx64 - ok
22:18:34.0782 3712 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
22:18:34.0792 3712 Avgrkx64 - ok
22:18:34.0814 3712 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
22:18:34.0829 3712 Avgtdia - ok
22:18:34.0847 3712 [ 371428CF0F71934CB0F2344823ADFA32 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
22:18:34.0858 3712 avgtp - ok
22:18:34.0884 3712 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
22:18:34.0896 3712 avgwd - ok
22:18:34.0920 3712 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:18:34.0949 3712 AxInstSV - ok
22:18:34.0982 3712 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:18:35.0015 3712 b06bdrv - ok
22:18:35.0036 3712 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:18:35.0065 3712 b57nd60a - ok
22:18:35.0094 3712 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:18:35.0115 3712 BDESVC - ok
22:18:35.0136 3712 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:18:35.0189 3712 Beep - ok
22:18:35.0215 3712 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:18:35.0263 3712 BFE - ok
22:18:35.0269 3712 BITCOMET_HELPER_SERVICE - ok
22:18:35.0319 3712 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:18:35.0367 3712 BITS - ok
22:18:35.0385 3712 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:18:35.0413 3712 blbdrive - ok
22:18:35.0460 3712 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:18:35.0474 3712 Bonjour Service - ok
22:18:35.0503 3712 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:18:35.0527 3712 bowser - ok
22:18:35.0552 3712 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:18:35.0585 3712 BrFiltLo - ok
22:18:35.0607 3712 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:18:35.0620 3712 BrFiltUp - ok
22:18:35.0642 3712 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:18:35.0665 3712 Browser - ok
22:18:35.0690 3712 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:18:35.0714 3712 Brserid - ok
22:18:35.0731 3712 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:18:35.0759 3712 BrSerWdm - ok
22:18:35.0774 3712 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:18:35.0801 3712 BrUsbMdm - ok
22:18:35.0810 3712 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:18:35.0822 3712 BrUsbSer - ok
22:18:35.0839 3712 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:18:35.0864 3712 BTHMODEM - ok
22:18:35.0902 3712 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:18:35.0944 3712 bthserv - ok
22:18:35.0961 3712 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:18:36.0002 3712 cdfs - ok
22:18:36.0023 3712 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:18:36.0051 3712 cdrom - ok
22:18:36.0071 3712 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:18:36.0117 3712 CertPropSvc - ok
22:18:36.0140 3712 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
22:18:36.0166 3712 circlass - ok
22:18:36.0205 3712 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:18:36.0219 3712 CLFS - ok
22:18:36.0258 3712 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:18:36.0267 3712 clr_optimization_v2.0.50727_32 - ok
22:18:36.0299 3712 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:18:36.0309 3712 clr_optimization_v2.0.50727_64 - ok
22:18:36.0384 3712 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:18:36.0421 3712 clr_optimization_v4.0.30319_32 - ok
22:18:36.0439 3712 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:18:36.0453 3712 clr_optimization_v4.0.30319_64 - ok
22:18:36.0471 3712 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
22:18:36.0498 3712 CmBatt - ok
22:18:36.0526 3712 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:18:36.0536 3712 cmdide - ok
22:18:36.0565 3712 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:18:36.0586 3712 CNG - ok
22:18:36.0607 3712 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:18:36.0617 3712 Compbatt - ok
22:18:36.0637 3712 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:18:36.0652 3712 CompositeBus - ok
22:18:36.0660 3712 COMSysApp - ok
22:18:36.0677 3712 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:18:36.0687 3712 crcdisk - ok
22:18:36.0721 3712 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:18:36.0744 3712 CryptSvc - ok
22:18:36.0782 3712 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
22:18:36.0815 3712 CSC - ok
22:18:36.0844 3712 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
22:18:36.0875 3712 CscService - ok
22:18:36.0907 3712 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:18:36.0953 3712 DcomLaunch - ok
22:18:36.0979 3712 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:18:37.0028 3712 defragsvc - ok
22:18:37.0057 3712 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:18:37.0102 3712 DfsC - ok
22:18:37.0129 3712 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
22:18:37.0140 3712 dg_ssudbus - ok
22:18:37.0160 3712 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:18:37.0192 3712 Dhcp - ok
22:18:37.0213 3712 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:18:37.0253 3712 discache - ok
22:18:37.0284 3712 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
22:18:37.0296 3712 Disk - ok
22:18:37.0325 3712 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
22:18:37.0352 3712 dmvsc - ok
22:18:37.0386 3712 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:18:37.0416 3712 Dnscache - ok
22:18:37.0449 3712 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:18:37.0493 3712 dot3svc - ok
22:18:37.0511 3712 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:18:37.0556 3712 DPS - ok
22:18:37.0585 3712 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:18:37.0629 3712 drmkaud - ok
22:18:37.0678 3712 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:18:37.0700 3712 DXGKrnl - ok
22:18:37.0717 3712 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:18:37.0759 3712 EapHost - ok
22:18:37.0843 3712 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
22:18:37.0889 3712 ebdrv - ok
22:18:37.0924 3712 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:18:37.0935 3712 EFS - ok
22:18:38.0002 3712 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:18:38.0048 3712 ehRecvr - ok
22:18:38.0066 3712 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:18:38.0079 3712 ehSched - ok
22:18:38.0110 3712 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:18:38.0128 3712 elxstor - ok
22:18:38.0144 3712 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:18:38.0170 3712 ErrDev - ok
22:18:38.0220 3712 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:18:38.0269 3712 EventSystem - ok
22:18:38.0294 3712 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:18:38.0326 3712 exfat - ok
22:18:38.0342 3712 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:18:38.0386 3712 fastfat - ok
22:18:38.0423 3712 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:18:38.0453 3712 Fax - ok
22:18:38.0485 3712 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:18:38.0525 3712 fdc - ok
22:18:38.0543 3712 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:18:38.0597 3712 fdPHost - ok
22:18:38.0621 3712 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:18:38.0668 3712 FDResPub - ok
22:18:38.0684 3712 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:18:38.0695 3712 FileInfo - ok
22:18:38.0708 3712 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:18:38.0749 3712 Filetrace - ok
22:18:38.0768 3712 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:18:38.0781 3712 flpydisk - ok
22:18:38.0801 3712 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:18:38.0815 3712 FltMgr - ok
22:18:38.0865 3712 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
22:18:38.0923 3712 FontCache - ok
22:18:38.0972 3712 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:18:38.0994 3712 FontCache3.0.0.0 - ok
22:18:39.0026 3712 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:18:39.0040 3712 FsDepends - ok
22:18:39.0064 3712 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:18:39.0078 3712 Fs_Rec - ok
22:18:39.0098 3712 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:18:39.0115 3712 fvevol - ok
22:18:39.0133 3712 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:18:39.0144 3712 gagp30kx - ok
22:18:39.0169 3712 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:18:39.0177 3712 GEARAspiWDM - ok
22:18:39.0211 3712 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:18:39.0246 3712 gpsvc - ok
22:18:39.0291 3712 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:18:39.0300 3712 gupdate - ok
22:18:39.0306 3712 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:18:39.0316 3712 gupdatem - ok
22:18:39.0362 3712 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:18:39.0371 3712 gusvc - ok
22:18:39.0394 3712 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:18:39.0423 3712 hcw85cir - ok
22:18:39.0465 3712 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:18:39.0508 3712 HdAudAddService - ok
22:18:39.0532 3712 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:18:39.0547 3712 HDAudBus - ok
22:18:39.0564 3712 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:18:39.0589 3712 HidBatt - ok
22:18:39.0609 3712 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:18:39.0637 3712 HidBth - ok
22:18:39.0658 3712 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
22:18:39.0676 3712 HidIr - ok
22:18:39.0696 3712 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:18:39.0736 3712 hidserv - ok
22:18:39.0759 3712 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:18:39.0771 3712 HidUsb - ok
22:18:39.0797 3712 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:18:39.0838 3712 hkmsvc - ok
22:18:39.0871 3712 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:18:39.0887 3712 HomeGroupListener - ok
22:18:39.0914 3712 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:18:39.0940 3712 HomeGroupProvider - ok
22:18:39.0962 3712 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:18:39.0972 3712 HpSAMD - ok
22:18:39.0996 3712 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:18:40.0040 3712 HTTP - ok
22:18:40.0060 3712 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:18:40.0070 3712 hwpolicy - ok
22:18:40.0084 3712 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:18:40.0098 3712 i8042prt - ok
22:18:40.0119 3712 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:18:40.0134 3712 iaStorV - ok
22:18:40.0172 3712 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:18:40.0196 3712 idsvc - ok
22:18:40.0215 3712 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:18:40.0224 3712 iirsp - ok
22:18:40.0267 3712 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:18:40.0315 3712 IKEEXT - ok
22:18:40.0339 3712 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:18:40.0350 3712 intelide - ok
22:18:40.0364 3712 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
22:18:40.0391 3712 intelppm - ok
22:18:40.0410 3712 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:18:40.0453 3712 IPBusEnum - ok
22:18:40.0470 3712 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:18:40.0500 3712 IpFilterDriver - ok
22:18:40.0532 3712 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:18:40.0560 3712 iphlpsvc - ok
22:18:40.0579 3712 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:18:40.0602 3712 IPMIDRV - ok
22:18:40.0621 3712 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:18:40.0668 3712 IPNAT - ok
22:18:40.0732 3712 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:18:40.0766 3712 iPod Service - ok
22:18:40.0782 3712 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:18:40.0811 3712 IRENUM - ok
22:18:40.0832 3712 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:18:40.0841 3712 isapnp - ok
22:18:40.0866 3712 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:18:40.0882 3712 iScsiPrt - ok
22:18:40.0906 3712 [ 159DD42C08B462F4B2D2740387FFBDFE ] Jukebox3_x64 C:\Windows\system32\DRIVERS\ctpdusbx.sys
22:18:40.0917 3712 Jukebox3_x64 - ok
22:18:40.0930 3712 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:18:40.0940 3712 kbdclass - ok
22:18:40.0954 3712 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:18:40.0966 3712 kbdhid - ok
22:18:40.0976 3712 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:18:40.0987 3712 KeyIso - ok
22:18:41.0010 3712 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:18:41.0020 3712 KSecDD - ok
22:18:41.0042 3712 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:18:41.0054 3712 KSecPkg - ok
22:18:41.0067 3712 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:18:41.0112 3712 ksthunk - ok
22:18:41.0149 3712 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:18:41.0199 3712 KtmRm - ok
22:18:41.0229 3712 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:18:41.0273 3712 LanmanServer - ok
22:18:41.0306 3712 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:18:41.0350 3712 LanmanWorkstation - ok
22:18:41.0438 3712 [ 61323B88EFE90F6B144A3611B3ED1D7D ] Lavasoft Ad-Aware Service C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
22:18:41.0472 3712 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - warning
22:18:41.0472 3712 Lavasoft Ad-Aware Service - detected UnsignedFile.Multi.Generic (1)
22:18:41.0490 3712 [ 9A7FA6371F68335FD3C3D6488BC5A9F8 ] Lavasoft Kernexplorer C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
22:18:41.0501 3712 Lavasoft Kernexplorer - ok
22:18:41.0524 3712 [ 3C46290F7A5D45BA6EF32C248E22AA69 ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
22:18:41.0536 3712 Lbd - ok
22:18:41.0546 3712 LgBttPort - ok
22:18:41.0553 3712 lgbusenum - ok
22:18:41.0560 3712 LGVMODEM - ok
22:18:41.0575 3712 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:18:41.0619 3712 lltdio - ok
22:18:41.0656 3712 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:18:41.0705 3712 lltdsvc - ok
22:18:41.0725 3712 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:18:41.0756 3712 lmhosts - ok
22:18:41.0775 3712 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:18:41.0790 3712 LSI_FC - ok
22:18:41.0825 3712 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:18:41.0858 3712 LSI_SAS - ok
22:18:41.0878 3712 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:18:41.0890 3712 LSI_SAS2 - ok
22:18:41.0899 3712 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:18:41.0910 3712 LSI_SCSI - ok
22:18:41.0925 3712 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:18:41.0968 3712 luafv - ok
22:18:42.0001 3712 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:18:42.0014 3712 Mcx2Svc - ok
22:18:42.0035 3712 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
22:18:42.0045 3712 megasas - ok
22:18:42.0061 3712 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:18:42.0074 3712 MegaSR - ok
22:18:42.0143 3712 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
22:18:42.0173 3712 Microsoft Office Groove Audit Service - ok
22:18:42.0218 3712 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:18:42.0272 3712 MMCSS - ok
22:18:42.0295 3712 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:18:42.0337 3712 Modem - ok
22:18:42.0367 3712 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:18:42.0391 3712 monitor - ok
22:18:42.0409 3712 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:18:42.0419 3712 mouclass - ok
22:18:42.0429 3712 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:18:42.0453 3712 mouhid - ok
22:18:42.0474 3712 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:18:42.0485 3712 mountmgr - ok
22:18:42.0501 3712 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:18:42.0513 3712 mpio - ok
22:18:42.0531 3712 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:18:42.0563 3712 mpsdrv - ok
22:18:42.0597 3712 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:18:42.0645 3712 MpsSvc - ok
22:18:42.0667 3712 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:18:42.0696 3712 MRxDAV - ok
22:18:42.0729 3712 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:18:42.0758 3712 mrxsmb - ok
22:18:42.0780 3712 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:18:42.0798 3712 mrxsmb10 - ok
22:18:42.0815 3712 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:18:42.0828 3712 mrxsmb20 - ok
22:18:42.0859 3712 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:18:42.0869 3712 msahci - ok
22:18:42.0883 3712 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:18:42.0895 3712 msdsm - ok
22:18:42.0909 3712 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:18:42.0939 3712 MSDTC - ok
22:18:42.0966 3712 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:18:42.0997 3712 Msfs - ok
22:18:43.0010 3712 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:18:43.0041 3712 mshidkmdf - ok
22:18:43.0053 3712 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:18:43.0063 3712 msisadrv - ok
22:18:43.0088 3712 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:18:43.0136 3712 MSiSCSI - ok
22:18:43.0143 3712 msiserver - ok
22:18:47.0278 3712 [ 7BDEE918920E7BCA1052C95A9F3CE06C ] Printer Control C:\Windows\system32\PrintCtrl.exe
22:18:47.0286 3712 Printer Control ( UnsignedFile.Multi.Generic ) - warning
22:18:47.0286 3712 Printer Control - detected UnsignedFile.Multi.Generic (1)
22:18:53.0506 3712 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
22:18:53.0526 3712 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
22:18:53.0526 3712 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
22:18:57.0176 3712 ================ Scan global ===============================
22:18:57.0201 3712 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:18:57.0234 3712 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
22:18:57.0243 3712 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
22:18:57.0277 3712 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:18:57.0297 3712 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:18:57.0299 3712 [Global] - ok
22:18:57.0302 3712 ================ Scan MBR ==================================
22:18:57.0312 3712 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:18:57.0562 3712 \Device\Harddisk0\DR0 - ok
22:18:57.0567 3712 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:18:58.0490 3712 \Device\Harddisk1\DR1 - ok
22:18:58.0496 3712 ================ Scan VBR ==================================
22:18:58.0507 3712 [ 883FF5AE54A479A73EE6EF5328F28FDE ] \Device\Harddisk0\DR0\Partition1
22:18:58.0509 3712 \Device\Harddisk0\DR0\Partition1 - ok
22:18:58.0525 3712 [ 09E145BB0FF09C9D85B81E92909277FA ] \Device\Harddisk0\DR0\Partition2
22:18:58.0527 3712 \Device\Harddisk0\DR0\Partition2 - ok
22:18:58.0535 3712 [ B1002D79EF2AD8894397C427BD4AB6BB ] \Device\Harddisk1\DR1\Partition1
22:18:58.0540 3712 \Device\Harddisk1\DR1\Partition1 - ok
22:18:58.0542 3712 ============================================================
22:18:58.0542 3712 Scan finished
22:18:58.0542 3712 ============================================================
22:18:58.0553 5716 Detected object count: 3
22:18:58.0553 5716 Actual detected object count: 3
22:20:13.0316 5716 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:20:13.0316 5716 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:20:13.0318 5716 Printer Control ( UnsignedFile.Multi.Generic ) - skipped by user
22:20:13.0319 5716 Printer Control ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:20:13.0321 5716 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
22:20:13.0322 5716 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

#7
mariaj

    Member

  • Topic Starter
  • 84 posts
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.30.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Maria :: MARIA-PC [administrator]

Protection: Enabled

30/01/2013 22:25:56
mbam-log-2013-01-30 (22-25-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 269540
Time elapsed: 2 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|playbrytetoolbar_Playbryte (PUP.PlayBryte) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8
RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
Doesn't look like it is a true BSOD anyway so forget BlueScreenView for now.

There should have been an Extras file in the same folder as your OTL. If you can't find it let's try DDS instead:
Please download DDS from http://download.blee...om/sUBs/dds.com or http://download.blee...om/sUBs/dds.scr and save it to your desktop.

* Disable any script blocking protection
* Double-click dds.pif to run the tool. (Vista and Win 7: please right-click and Run As Admin.)
* When done, two DDS.txt's will open.
* Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.



Can you clear the alarms now? Reboot, then run VEW again.

#9
mariaj

    Member

  • Topic Starter
  • 84 posts
01/30/2013 23:22
Scan of all local drives

File C:\Users\Maria\AppData\Local\DirectDownloader\directdownloader.exe is infected by Win32:Adware-gen [Adw], Moved to chest
File C:\Users\Maria\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\quarantine.db|>data Error 42125 {ZIP archive is corrupted.}
File E:\documents\e-books\conspiracy\Brice Taylor - Thanks For The Memories.zip|>Brice Taylor - Thanks For The Memories\Images from Book\Appendix\scan0004.jpg Error 42125 {ZIP archive is corrupted.}
File E:\documents\e-books\conspiracy\Brice Taylor - Thanks For The Memories.zip|>Brice Taylor - Thanks For The Memories\Images from Book\Appendix\scan0009.jpg Error 42125 {ZIP archive is corrupted.}
File E:\documents\e-books\conspiracy\Brice Taylor - Thanks For The Memories.zip|>Brice Taylor - Thanks For The Memories\Images from Book\Appendix\scan0017.jpg Error 42125 {ZIP archive is corrupted.}
File E:\documents\e-books\conspiracy\Brice Taylor - Thanks For The Memories.zip|>Brice Taylor - Thanks For The Memories\Images from Book\Appendix\scan0028.jpg Error 42125 {ZIP archive is corrupted.}
File E:\documents\e-books\conspiracy\Brice Taylor - Thanks For The Memories.zip|>Brice Taylor - Thanks For The Memories\Mind Control - Brice Taylor.doc Error 42125 {ZIP archive is corrupted.}
Number of searched folders: 24732
Number of tested files: 565511
Number of infected files: 1


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 26/06/2012 12:21:04
System Uptime: 30/01/2013 23:22:43 (2 hours ago)
.
Motherboard: ECS | | MCP61M-M3
Processor: AMD Sempron™ 145 Processor | CPU 1 | 2800/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 107.278 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 1397 GiB total, 1145.694 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\6&72D6705&0&4
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\6&72D6705&0&4
Service:
.
==== System Restore Points ===================
.
RP98: 14/01/2013 19:35:23 - Installed Zune 4.8
RP99: 29/01/2013 21:58:52 - ARO 2012 - Before Installation
RP100: 29/01/2013 22:00:07 - ARO 2012 - FIRST RUN
RP101: 29/01/2013 22:15:56 - ARO 2012 Tue, Jan 29, 13 22:15
RP102: 30/01/2013 21:49:24 - OTL Restore Point - 30/01/2013 21:49:22
RP103: 30/01/2013 22:52:54 - avast! Free Antivirus Setup
RP104: 30/01/2013 23:05:18 - Removed AVG 2012
RP105: 30/01/2013 23:08:16 - Removed AVG 2012
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Ad-Aware
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
AVG Anti-Spyware 7.5
BitComet 1.32 64-bit
Bonjour
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon MG4100 series MP Drivers
Canon MG4100 series On-screen Manual
Canon MG4100 series User Registration
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
CCleaner
ConvertXtoDVD 4.1.19.365
Creative Jukebox Driver
Creative MediaSource 5
D3DX10
DirectDownloader
Download Manager and Options
Express Zip
Free Video Converter V 3.1
Google Toolbar for Internet Explorer
Google Update Helper
Internet TV for Windows Media Center
iTunes
Junk Mail filter update
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Publisher 98
Microsoft Silverlight
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NirSoft BlueScreenView
NVIDIA 3D Vision Driver 306.97
NVIDIA Control Panel 306.97
NVIDIA Drivers
NVIDIA Graphics Driver 306.97
NVIDIA HD Audio Driver 1.1.13.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
Prism Video File Converter
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Service Pack 2 for SQL Server 2008 (KB2285068)
Speccy
Sql Server Customer Experience Improvement Program
SUPERAntiSpyware
Switch Sound File Converter
UltiDev Web Server Pro
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195
VideoFileDownload
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2008 x64 Redistributables
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
30/01/2013 23:01:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
30/01/2013 23:01:11, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================



DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457
Run by Maria at 1:21:23 on 2013-01-31
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.4095.2164 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\PrintCtrl.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Windows\system32\PrintDisp.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\CTPdeSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\splwow64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
C:\_OTL\MovedFiles\01302013_213200\C_Program Files\BitComet\BitComet.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\_OTL\MovedFiles\01302013_213200\C_Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [MtdAcqu] "C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe" /s
uRun: [CTSyncU.exe] "C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [lxdvmon.exe] "C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvmon.exe"
mRun: [lxdvamon] "C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [!AVG Anti-Spyware] "C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\Users\Maria\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &D&ownload &with BitComet - C:\_OTL\MovedFiles\01302013_213200\C_Program Files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\_OTL\MovedFiles\01302013_213200\C_Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\_OTL\MovedFiles\01302013_213200\C_Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{2EAA0504-CAA8-4EFA-8AE9-157D25CC463F} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{47DF5E8B-3C38-4A49-8AE4-17BA667E0764} : DHCPNameServer = 192.168.42.129
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
SEH: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [PrintDisp] C:\Windows\System32\PrintDisp.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2012-12-14 69152]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-1-30 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-1-30 370288]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver;C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys [2007-5-30 12024]
R1 AvgAsC64;AVG Anti-Spyware Clean Driver;C:\Windows\System32\drivers\AvgAsC64.sys [2012-12-13 14072]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-8-27 30568]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-1-30 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-1-30 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-1-30 44808]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard;C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-5-30 312880]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-8-12 1737728]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-30 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-30 682344]
R2 MSSQL$SQLLANSWEEPER2K8;SQL Server (SQLLANSWEEPER2K8);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe [2010-9-17 42773336]
R2 Printer Control;Printer Control;C:\Windows\System32\PrintCtrl.exe [2012-11-25 93696]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2010-8-12 17152]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-30 24176]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2012-6-29 1250816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-19 102368]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 Jukebox3_x64;Jukebox3_x64;C:\Windows\System32\drivers\ctpdusbx.sys [2012-7-12 21888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-26 1255736]
S4 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-9-19 47128]
S4 SQLAgent$SQLLANSWEEPER2K8;SQL Server Agent (SQLLANSWEEPER2K8);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE [2010-9-17 370008]
S4 UltiDev Web Server Pro;UltiDev Web Server Pro;"C:\Program Files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe" --> C:\Program Files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe [?]
S4 UWS HiPriv Services;UWS HiPriv Services;"C:\Program Files (x86)\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe" --> C:\Program Files (x86)\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe [?]
S4 UWS LoPriv Services;UWS LoPriv Services;"C:\Program Files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe" --> C:\Program Files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe [?]
S4 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [?]
.
=============== File Associations ===============
.
ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L"
.
=============== Created Last 30 ================
.
2013-01-31 00:49:32 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0CD38535-A6A4-40BD-89C0-E2AC6D771FF9}\offreg.dll
2013-01-30 23:13:54 -------- d-----w- C:\Users\Maria\AppData\Roaming\BitComet



I don't know what you mean when you say can I clear the alarms? Sorry

#10
mariaj
Member, Topic Starter, 84 posts
I clicked on everything that you told me to click on earlier for this, hope that was what you wanted me to do?


Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 31/01/2013 01:30:26

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/01/2013 23:01:11
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 30/01/2013 23:01:11
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/01/2013 01:13:17
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/01/2013 01:13:01
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/01/2013 01:12:44
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/01/2013 01:11:56
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/01/2013 01:10:43
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name pop.tiscali.co.uk timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/01/2013 01:10:35
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name local-bay-people.directory.live.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/01/2013 01:10:25
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name login.live.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/01/2013 01:05:19
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/01/2013 01:04:34
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/01/2013 00:37:22
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 23:12:57
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/01/2013 23:02:16
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ipv6.msftncsi.com timed out after none of the configured DNS servers responded.
#11
mariaj
Member, Topic Starter, 84 posts
Hello there, just to let you know, whatever the problem is, it's still occurring after doing everything you have suggested! I have no idea where to go from here because I think you said in an earlier reply if it wasn't alright now it would probably be down to software? Many, many thanks for all your help, Maria

#12
RKinner
Malware Expert, MVP, 19,793 posts
Uninstall:

AVG Anti-Spyware 7.5
BitComet 1.32 64-bit

If you have trouble uninstalling either of these, get the free Revo uninstaller http://www.revounins...e_download.html and have it do it for you. Remember to right-click on the Revo and Run As Admin to start it.

What is the make and model (and service tag if it has one) of this PC?

Run the memory test:



Open Memory Diagnostics Tool by clicking the Start button, and then clicking Control Panel. In the search box, type Memory, and then click Diagnose your computer's memory problems. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

Choose when to run the tool. (Use Restart Now.) The computer will restart. It should run the mem test. When it finishes it will boot Windows. When you log on it will tell you if it found bad RAM.

#13
mariaj
Member, Topic Starter, 84 posts
Hello there, I ran the memory test and it came back with no errors. I have looked on my tower and I cannot find anything that suggests make, model or service tag. I have emailed the guy who supplied the tower but as yet I have not received a reply. Many, many thanks, Maria

#14
RKinner
Malware Expert, MVP, 19,793 posts
Since it's a tower, I expect what you are seeing is the power supply going into crowbar mode for some reason. Perhaps its fan is clogged with dust or perhaps it's gotten old and marginal. I wonder if you opened the lid to the PC and disconnected the power to the CD/DVD drive if that would off-load it enough to keep it from going off? When it crashes, does it get quiet for a second, then a lot of fan noise as it boots up again? Or does it freeze up and you have to force it to shut down?

Make sure you have it set to leave a message in the event logs in the case of a blue screen. Control Panel, System (if you don't see System, then change it to Large Icons in the drop-down in the upper right), Advanced System Settings, Advanced, Startup and Recovery - Settings. Under System Failure: check Write an Event to the System log (if it is not checked). Uncheck: Automatically Restart. Write Debugging Information: should say Small Memory Dump and the location below it should be %SystemRoot%\Minidump. OK. Then the next time it happens, run VEW as before. (Do not clear the alarms and reboot as we did previously. Just run VEW.) It should stop and show you the Blue Screen of Death if it's a Windows problem. If it restarts on its own I would say replace the power supply - preferably with one with a few more watts.
  • 0
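
The Startup and Recovery settings described in post #14, checked from PowerShell, followed by a look at what the System log recorded about each unexpected shutdown. This is an added example, not part of the thread; it assumes Windows PowerShell 3.0 or later run as Administrator, and the function names are hypothetical.

```powershell
# Added example, not from the thread. Assumes Windows PowerShell 3.0+ run elevated.
$CrashKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'

# Registry values behind the Startup and Recovery checkboxes named in the post.
$Wanted = [ordered]@{
    LogEvent         = 1   # Write an event to the system log: checked
    AutoReboot       = 0   # Automatically restart: unchecked
    CrashDumpEnabled = 3   # Write debugging information: Small memory dump
}

function Test-CrashControl {
    # One row per setting, so any drift from the post's values is visible.
    $current = Get-ItemProperty -Path $CrashKey
    foreach ($name in $Wanted.Keys) {
        [pscustomobject]@{
            Setting = $name
            Current = $current.$name
            Wanted  = $Wanted[$name]
            Ok      = ($current.$name -eq $Wanted[$name])
        }
    }
    # Read the dump folder unexpanded; the post expects %SystemRoot%\Minidump.
    $dir = (Get-Item -Path $CrashKey).GetValue('MinidumpDir', $null, 'DoNotExpandEnvironmentNames')
    [pscustomobject]@{
        Setting = 'MinidumpDir'
        Current = $dir
        Wanted  = '%SystemRoot%\Minidump'
        Ok      = ($dir -eq '%SystemRoot%\Minidump')
    }
}

function Set-CrashControl {
    # Applies the three DWORD settings; MinidumpDir is only reported, not changed.
    foreach ($name in $Wanted.Keys) {
        Set-ItemProperty -Path $CrashKey -Name $name -Value $Wanted[$name] -Type DWord
    }
}

function Get-ShutdownEvidence {
    param([int]$Days = 7)
    # 41 = Kernel-Power (rebooted without clean shutdown), 1001 = bugcheck report,
    # 6008 = EventLog "previous system shutdown was unexpected".
    $filter = @{ LogName = 'System'; Id = 41, 1001, 6008; StartTime = (Get-Date).AddDays(-$Days) }
    foreach ($e in @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)) {
        $finding = $null
        switch ($e.Id) {
            41 {
                if ($e.ProviderName -eq 'Microsoft-Windows-Kernel-Power') {
                    $code = ([xml]$e.ToXml()).Event.EventData.Data |
                        Where-Object { $_.Name -eq 'BugcheckCode' } |
                        ForEach-Object { [int]$_.'#text' }
                    # BugcheckCode 0 means Windows never got to record a stop error,
                    # which is the "restarts on its own" case in post #14.
                    $finding = if ($code) { "Stop error, bugcheck code $code" }
                               else { 'Power lost or hard reset, no bugcheck recorded' }
                }
            }
            1001 {
                if ($e.ProviderName -match 'BugCheck|WER-SystemErrorReporting') {
                    $finding = 'Stop error (blue screen) logged'
                }
            }
            6008 { if ($e.ProviderName -eq 'EventLog') { $finding = 'Previous shutdown was unexpected' } }
        }
        if ($finding) { [pscustomobject]@{ Time = $e.TimeCreated; Id = $e.Id; Finding = $finding } }
    }
}

Test-CrashControl | Format-Table -AutoSize
# Set-CrashControl    # uncomment to apply the settings from the post
Get-ShutdownEvidence -Days 7 | Sort-Object Time | Format-Table -AutoSize
```

Rows with a bugcheck point at a Windows stop error and a minidump worth reading; rows with only event 41 (code 0) or 6008 point at the machine losing power.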

#15
mariaj
Member, Topic Starter, 84 posts
There is no noise change whatsoever before it goes off. It doesn't freeze up, it just literally goes off without any warning. I will disconnect the CD/DVD drive and make sure I set it to leave a message in the event log. Many thanks again, I will post as soon as I know something, Maria