Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

windows 7 Freeze after boot. [Solved]


  • This topic is locked This topic is locked

#1
DrkMachine

DrkMachine

    Member

  • Member
  • PipPipPip
  • 126 posts
Hello,

I was away for a while and apearently while I was gone my system started to freeze, so they shut it down. Upon my return I started it up and tried to figure out what was going on. The only thing that I have done was a selective start up to try and track what was causing the issue, but after disabeling all startup programs, and all services, it still froze. So after a bit more looking I was instructed to run sfc /scannow at the command prompt on safemode seing as that is the only way I can keep the system from freezing. I can post the log from that as well if needed. Again from safemode I ran OTL and here is my log. Thanks in advance for any and all assistance.

OTL logfile created on: 2/27/2013 5:43:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.03 Gb Available Physical Memory | 75.85% Memory free
8.00 Gb Paging File | 7.05 Gb Available in Paging File | 88.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.54 Gb Total Space | 389.44 Gb Free Space | 56.81% Space Free | Partition Type: NTFS
Drive D: | 3.09 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 62.47 Mb Total Space | 28.81 Mb Free Space | 46.11% Space Free | Partition Type: FAT

Computer Name: MACHINE-PC | User Name: User | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/27 17:08:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/27 19:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/05/25 11:53:24 | 000,180,576 | ---- | M] (Commtouch, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV:64bit: - [2012/05/25 11:53:20 | 000,119,136 | R--- | M] (Commtouch, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV:64bit: - [2012/05/25 11:53:12 | 000,121,184 | R--- | M] (Commtouch, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV:64bit: - [2011/08/05 11:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 11:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 11:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/07/20 11:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/27 17:21:30 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/24 05:52:00 | 002,074,256 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012/10/12 03:58:52 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/13 11:57:52 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/02 18:32:55 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/27 20:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/27 19:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/05/25 11:58:30 | 000,173,408 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\amp.sys -- (AMP)
DRV:64bit: - [2012/05/25 11:58:28 | 001,496,416 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\ampse.sys -- (AMPSE)
DRV:64bit: - [2012/05/14 00:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/04/17 07:25:02 | 000,031,432 | ---- | M] (EldoS Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2012/04/03 13:19:10 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/03/26 17:42:14 | 000,138,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/27 22:15:26 | 000,012,904 | ---- | M] (UVNC BVBA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv2.sys -- (mv2)
DRV:64bit: - [2011/07/14 16:18:52 | 000,157,184 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011/05/17 23:35:08 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/05/17 23:18:33 | 000,043,168 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/03/24 13:35:36 | 000,019,968 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzjoystk.sys -- (rzjoystk)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 21:51:38 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/12/16 16:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/09 14:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/04/12 02:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010/03/08 13:08:36 | 000,121,800 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HtcVComV64.sys -- (HtcVCom32)
DRV:64bit: - [2010/03/08 13:03:54 | 000,121,800 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HtcUsbMdmV64.sys -- (HtcUsbMdmV64)
DRV:64bit: - [2010/01/06 00:44:20 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/08/21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/17 10:54:38 | 000,112,144 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouKE.Sys -- (LMouKE)
DRV:64bit: - [2009/06/17 10:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 10:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 10:53:42 | 000,089,616 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L8042mou.Sys -- (L8042mou)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/01 22:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2007/07/23 08:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/04/12 07:10:28 | 000,151,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL)
DRV:64bit: - [2007/04/10 05:07:54 | 000,580,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2007/04/10 03:41:54 | 000,295,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k)
DRV:64bit: - [2007/04/10 03:41:20 | 000,259,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k)
DRV:64bit: - [2007/04/10 03:40:24 | 001,359,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV:64bit: - [2007/04/10 03:39:48 | 000,147,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2007/04/10 03:38:40 | 000,290,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2007/04/10 03:38:10 | 000,017,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2007/04/10 03:37:36 | 000,218,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2007/04/10 03:35:28 | 000,863,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2007/04/10 03:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV:64bit: - [2007/04/10 03:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL)
DRV:64bit: - [2007/04/10 03:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV:64bit: - [2007/04/10 03:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV:64bit: - [2007/04/10 03:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV:64bit: - [2007/04/10 03:14:28 | 000,142,120 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV:64bit: - [2007/04/10 03:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV:64bit: - [2007/04/10 03:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV:64bit: - [2007/04/10 03:12:22 | 000,681,256 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV:64bit: - [2007/04/10 03:11:46 | 000,700,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV:64bit: - [2007/03/20 10:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham264.sys -- (Alpham2)
DRV:64bit: - [2007/02/15 18:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2012/03/26 17:42:14 | 000,138,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/11/01 05:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/02/15 18:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {00B6F611-DA87-419E-AD49-88ABB77F1E7C}
IE - HKLM\..\SearchScopes\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}: "URL" = http://www.tangosear...Terms}&a=SEARCH
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.condui...&ctid=CT2418376

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 82 C5 DD 1D DD CB 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}: "URL" = http://www.tangosear...Terms}&a=SEARCH
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7WZPC_en
IE - HKCU\..\SearchScopes\{AC01EF9D-04A3-4A38-8296-B18B88403052}: "URL" = http://search.avg.co...}&ychte=us&nt=1
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.condui...&ctid=CT2418376
IE - HKCU\..\SearchScopes\{F6066676-1EEB-BD50-8DCD-39409136EB4C}: "URL" = http://www.bing.com/...UGO&form=ZGAIDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledAddons: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.18
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120926
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.9rc2
FF - prefs.js..extensions.enabledAddons: [email protected]:2.0.7
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/12 03:58:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/12 03:58:53 | 000,000,000 | ---D | M]

[2010/10/18 21:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2010/10/18 21:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/10/22 23:44:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\5wmol7ea.default\extensions
[2012/10/03 22:02:39 | 000,000,000 | ---D | M] (WOT) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\5wmol7ea.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/10/13 22:08:27 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\5wmol7ea.default\extensions\[email protected]
[2012/09/05 00:03:23 | 000,455,379 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2011/10/25 15:09:36 | 000,007,532 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
[2012/10/22 23:36:18 | 000,529,958 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/10/19 23:59:53 | 000,002,112 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\searchplugins\wot-safe-search.xml
[2012/10/12 03:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/12 03:58:53 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/05 00:03:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/12 03:58:50 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: WOT Safe Search (Enabled)
CHR - default_search_provider: search_url = http://search.surfca...ms}&partner=wot
CHR - default_search_provider: suggest_url = http://www.surfcanyo...?q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: WOT = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.2_0\
CHR - Extension: Late Night = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\

O1 HOSTS File: ([2011/05/14 23:26:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O4:64bit: - HKLM..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL File not found
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Razer Mamba Driver] C:\Program Files (x86)\Razer\Mamba\RazerTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DevconDefaultDB] C:\Windows\SysWow64\readreg.exe (Creative Technology Limited)
O4 - HKCU..\Run: [googletalk] C:\Users\User\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.1)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.26.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.220.0.10 24.220.0.11 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0439918-EAA4-47CF-82BD-89B1CA356508}: DhcpNameServer = 24.220.0.10 24.220.0.11 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wot - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/12 03:38:58 | 000,000,122 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (耀)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/27 19:36:17 | 000,000,000 | ---D | C] -- C:\FRST
[2013/02/27 14:16:40 | 000,056,072 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013/02/27 14:16:40 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[45 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/27 17:42:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/27 17:42:39 | 3220,623,360 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/27 17:21:32 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/27 17:21:30 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/02/27 17:21:29 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/02/27 17:19:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2925201978-3475927693-2139486491-1000UA.job
[2013/02/27 17:17:33 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/27 17:08:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013/02/27 17:07:43 | 000,001,050 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/02/27 17:07:13 | 000,001,016 | ---- | M] () -- C:\Users\User\Desktop\Dropbox.lnk
[2013/02/27 16:31:49 | 000,009,688 | ---- | M] () -- C:\bootsqm.dat
[2013/02/27 16:13:15 | 000,792,614 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/02/27 16:13:15 | 000,669,048 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/02/27 16:13:15 | 000,125,234 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/02/27 14:50:14 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ndadmin.exe
[2013/02/27 14:26:10 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2925201978-3475927693-2139486491-1000Core.job
[2013/02/27 14:16:40 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013/02/27 14:16:40 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013/02/27 14:16:31 | 000,020,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/27 14:16:31 | 000,020,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/27 13:38:46 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[45 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/27 16:31:49 | 000,009,688 | ---- | C] () -- C:\bootsqm.dat
[2013/02/27 14:11:10 | 000,001,751 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2013/02/27 14:11:10 | 000,001,050 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/10/24 22:11:49 | 000,000,408 | ---- | C] () -- C:\Windows\SysWow64\iolo.ini
[2012/07/25 16:51:44 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012/03/25 15:39:58 | 000,000,145 | ---- | C] () -- C:\Users\User\.appletviewer
[2012/03/09 13:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/02/14 20:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/14 20:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/13 22:19:58 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011/09/12 16:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/06/22 23:18:44 | 000,001,854 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/06/18 11:30:37 | 000,000,214 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/06/05 14:23:26 | 000,001,770 | ---- | C] () -- C:\Users\User\AppData\Roaming\Profile0.dat
[2011/05/29 14:06:39 | 000,000,600 | ---- | C] () -- C:\Users\User\AppData\Local\PUTTY.RND
[2011/05/14 23:22:02 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/14 23:22:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/14 23:22:02 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/14 23:22:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/14 23:22:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/31 22:36:42 | 000,007,594 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2011/03/30 21:41:11 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/03/22 18:27:15 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/03/17 21:26:39 | 000,001,036 | ---- | C] () -- C:\Windows\eReg.dat
[2011/03/15 19:15:46 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2011/03/15 19:15:46 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2011/03/15 13:14:29 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat
[2011/03/15 10:45:06 | 000,786,338 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/15 10:43:29 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/03/13 20:48:02 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/03/13 20:48:01 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/03/13 20:48:00 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2011/03/13 16:34:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation

< End of report >



Edited by DrkMachine, 27 February 2013 - 05:55 PM.

  • 0

Advertisements


#2
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hello DrkMachine and welcome to the Virus, Spyware, Malware Removal forum !!

My name is Crowbar and I'll be the malware removal Geek that will be helping you remove any infections you may have on your computer.

  • Please read all of my response through at least once before attempting to follow the procedures described.
  • Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.
  • Please follow the steps exactly as written, in the same order.
  • If there's anything you don't understand or isn't totally clear, please ask me any questions that you may have.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • This process is not an instant process - please stick with me until I tell you that your machine is clean. If you don't see any symptoms it does not mean your system is clear of malware
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.

Hi there - sorry about the delay, things are sometimes busy here and posts sometimes get missed.
If you still need assistance I will need to see some fresh logs so please do the following for me:

Step 1
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • Post the log it produces in your next reply.

Step 2
  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

Step 3
Download AdwCleaner from here to your desktop
Run AdwCleaner and select Scan

Posted Image

A log will be produced at C:\ADWCleaner[XX].txt please attach that in your next post

Step 4
Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

In your next reply I would like to see:
  • fresh OTL custom scan results
  • Extras.txt log from the first OTL run - it should be on the desktop
  • Roguekiller log - rkreport.txt files
  • ADWCleaner log file
  • checkup.txt from Security Check

  • 0

#3
DrkMachine

DrkMachine

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
First, Thank you for the assistance. Here are the requested logs.

OTL

OTL logfile created on: 3/16/2013 6:38:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.18 Gb Available Physical Memory | 79.56% Memory free
8.00 Gb Paging File | 7.34 Gb Available in Paging File | 91.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.54 Gb Total Space | 389.34 Gb Free Space | 56.79% Space Free | Partition Type: NTFS
Drive D: | 3.09 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 62.47 Mb Total Space | 28.83 Mb Free Space | 46.15% Space Free | Partition Type: FAT

Computer Name: MACHINE-PC | User Name: User | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/27 18:08:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/27 20:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/05/25 12:53:24 | 000,180,576 | ---- | M] (Commtouch, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV:64bit: - [2012/05/25 12:53:20 | 000,119,136 | R--- | M] (Commtouch, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV:64bit: - [2012/05/25 12:53:12 | 000,121,184 | R--- | M] (Commtouch, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/07/20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/27 18:21:30 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/24 06:52:00 | 002,074,256 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012/10/12 04:58:52 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/13 12:57:52 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/02 19:32:55 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/27 21:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/27 20:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/05/25 12:58:30 | 000,173,408 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\amp.sys -- (AMP)
DRV:64bit: - [2012/05/25 12:58:28 | 001,496,416 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\ampse.sys -- (AMPSE)
DRV:64bit: - [2012/05/14 01:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/04/17 08:25:02 | 000,031,432 | ---- | M] (EldoS Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2012/04/03 14:19:10 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/03/26 18:42:14 | 000,138,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/27 23:15:26 | 000,012,904 | ---- | M] (UVNC BVBA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv2.sys -- (mv2)
DRV:64bit: - [2011/07/14 17:18:52 | 000,157,184 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011/05/18 00:35:08 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/05/18 00:18:33 | 000,043,168 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/03/24 14:35:36 | 000,019,968 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzjoystk.sys -- (rzjoystk)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 22:51:38 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/04/12 03:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010/03/08 14:08:36 | 000,121,800 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HtcVComV64.sys -- (HtcVCom32)
DRV:64bit: - [2010/03/08 14:03:54 | 000,121,800 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HtcUsbMdmV64.sys -- (HtcUsbMdmV64)
DRV:64bit: - [2010/01/06 01:44:20 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/17 11:54:38 | 000,112,144 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouKE.Sys -- (LMouKE)
DRV:64bit: - [2009/06/17 11:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 11:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 11:53:42 | 000,089,616 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L8042mou.Sys -- (L8042mou)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2007/07/23 09:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/04/12 08:10:28 | 000,151,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL)
DRV:64bit: - [2007/04/10 06:07:54 | 000,580,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2007/04/10 04:41:54 | 000,295,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k)
DRV:64bit: - [2007/04/10 04:41:20 | 000,259,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k)
DRV:64bit: - [2007/04/10 04:40:24 | 001,359,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV:64bit: - [2007/04/10 04:39:48 | 000,147,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2007/04/10 04:38:40 | 000,290,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2007/04/10 04:38:10 | 000,017,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2007/04/10 04:37:36 | 000,218,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2007/04/10 04:35:28 | 000,863,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2007/04/10 04:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV:64bit: - [2007/04/10 04:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL)
DRV:64bit: - [2007/04/10 04:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV:64bit: - [2007/04/10 04:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV:64bit: - [2007/04/10 04:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV:64bit: - [2007/04/10 04:14:28 | 000,142,120 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV:64bit: - [2007/04/10 04:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV:64bit: - [2007/04/10 04:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV:64bit: - [2007/04/10 04:12:22 | 000,681,256 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV:64bit: - [2007/04/10 04:11:46 | 000,700,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV:64bit: - [2007/03/20 11:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham264.sys -- (Alpham2)
DRV:64bit: - [2007/02/15 19:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2012/03/26 18:42:14 | 000,138,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/02/15 19:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {00B6F611-DA87-419E-AD49-88ABB77F1E7C}
IE - HKLM\..\SearchScopes\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}: "URL" = http://www.tangosear...Terms}&a=SEARCH
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.condui...&ctid=CT2418376

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 82 C5 DD 1D DD CB 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}: "URL" = http://www.tangosear...Terms}&a=SEARCH
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7WZPC_en
IE - HKCU\..\SearchScopes\{AC01EF9D-04A3-4A38-8296-B18B88403052}: "URL" = http://search.avg.co...}&ychte=us&nt=1
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.condui...&ctid=CT2418376
IE - HKCU\..\SearchScopes\{F6066676-1EEB-BD50-8DCD-39409136EB4C}: "URL" = http://www.bing.com/...UGO&form=ZGAIDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledAddons: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.18
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120926
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.9rc2
FF - prefs.js..extensions.enabledAddons: [email protected]:2.0.7
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/12 04:58:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/12 04:58:53 | 000,000,000 | ---D | M]

[2010/10/18 22:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2010/10/18 22:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/10/23 00:44:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\5wmol7ea.default\extensions
[2012/10/03 23:02:39 | 000,000,000 | ---D | M] (WOT) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\5wmol7ea.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/10/13 23:08:27 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\5wmol7ea.default\extensions\[email protected]
[2012/09/05 01:03:23 | 000,455,379 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2011/10/25 16:09:36 | 000,007,532 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
[2012/10/23 00:36:18 | 000,529,958 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/10/20 00:59:53 | 000,002,112 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\searchplugins\wot-safe-search.xml
[2012/10/12 04:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/12 04:58:53 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/05 01:03:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/12 04:58:50 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: WOT Safe Search (Enabled)
CHR - default_search_provider: search_url = http://search.surfca...ms}&partner=wot
CHR - default_search_provider: suggest_url = http://www.surfcanyo...?q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: WOT = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.2_0\
CHR - Extension: Late Night = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\

O1 HOSTS File: ([2011/05/15 00:26:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O4:64bit: - HKLM..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL File not found
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Razer Mamba Driver] C:\Program Files (x86)\Razer\Mamba\RazerTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DevconDefaultDB] C:\Windows\SysWow64\readreg.exe (Creative Technology Limited)
O4 - HKCU..\Run: [googletalk] C:\Users\User\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.1)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.26.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.220.0.10 24.220.0.11 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0439918-EAA4-47CF-82BD-89B1CA356508}: DhcpNameServer = 24.220.0.10 24.220.0.11 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wot - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/12 04:38:58 | 000,000,122 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (耀)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

========== Files/Folders - Created Within 30 Days ==========

[2013/02/27 20:36:17 | 000,000,000 | ---D | C] -- C:\FRST
[2013/02/27 15:16:40 | 000,056,072 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013/02/27 15:16:40 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[45 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/16 18:38:07 | 000,792,614 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/16 18:38:07 | 000,669,048 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/16 18:38:07 | 000,125,234 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/02/27 18:42:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/27 18:42:39 | 3220,623,360 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/27 18:21:32 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/27 18:19:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2925201978-3475927693-2139486491-1000UA.job
[2013/02/27 18:17:33 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/27 18:08:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013/02/27 18:07:43 | 000,001,050 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/02/27 18:07:13 | 000,001,016 | ---- | M] () -- C:\Users\User\Desktop\Dropbox.lnk
[2013/02/27 17:31:49 | 000,009,688 | ---- | M] () -- C:\bootsqm.dat
[2013/02/27 15:26:10 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2925201978-3475927693-2139486491-1000Core.job
[2013/02/27 15:16:40 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013/02/27 15:16:40 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013/02/27 15:16:31 | 000,020,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/27 15:16:31 | 000,020,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/27 14:38:46 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[45 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/27 17:31:49 | 000,009,688 | ---- | C] () -- C:\bootsqm.dat
[2013/02/27 15:11:10 | 000,001,751 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2013/02/27 15:11:10 | 000,001,050 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/10/24 23:11:49 | 000,000,408 | ---- | C] () -- C:\Windows\SysWow64\iolo.ini
[2012/07/25 17:51:44 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012/03/25 16:39:58 | 000,000,145 | ---- | C] () -- C:\Users\User\.appletviewer
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/02/14 21:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/14 21:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/13 23:19:58 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/06/23 00:18:44 | 000,001,854 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/06/18 12:30:37 | 000,000,214 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/06/05 15:23:26 | 000,001,770 | ---- | C] () -- C:\Users\User\AppData\Roaming\Profile0.dat
[2011/05/29 15:06:39 | 000,000,600 | ---- | C] () -- C:\Users\User\AppData\Local\PUTTY.RND
[2011/05/15 00:22:02 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/15 00:22:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/15 00:22:02 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/15 00:22:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/15 00:22:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/31 23:36:42 | 000,007,594 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2011/03/30 22:41:11 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/03/22 19:27:15 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/03/17 22:26:39 | 000,001,036 | ---- | C] () -- C:\Windows\eReg.dat
[2011/03/15 14:14:29 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/07/14 08:44:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012/10/07 14:37:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.techniclauncher
[2011/08/19 01:10:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\10moons
[2011/03/10 17:42:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Audacity
[2012/05/10 02:53:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BitTorrent
[2011/03/10 22:49:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools
[2011/03/11 20:14:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2011/03/09 23:45:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Pro
[2013/02/27 18:21:48 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dropbox
[2012/08/11 01:11:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FileZilla
[2011/05/15 00:52:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FrostWire
[2011/06/04 12:33:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ideazon
[2011/07/05 01:52:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IObit
[2011/07/24 15:54:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iSpy
[2011/05/15 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Kalypso Media
[2011/04/01 01:07:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2011/03/15 18:33:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MotioninJoy
[2012/04/13 12:44:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mumble
[2011/10/26 17:58:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Need for Speed World
[2011/10/16 11:12:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Origin
[2011/03/15 20:17:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PowerUp Software
[2012/10/04 17:59:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Raptr
[2011/07/04 20:25:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SystemRequirementsLab
[2011/06/05 03:07:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TightVNC
[2012/09/22 15:43:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TS3Client
[2012/09/08 11:38:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ts3overlay

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010/11/20 08:25:40 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 08:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 08:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 17:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/06/02 00:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/06/01 23:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 08:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 08:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 07:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 01:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 08:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2010/11/20 08:27:22 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 06:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 01:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 08:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 08:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 08:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 08:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 08:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 07:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 08:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 08:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 07:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 00:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 08:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 08:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 08:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 08:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 08:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 08:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 08:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 08:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 07:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 17:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 08:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 08:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2011/05/14 23:19:11 | 002,418,734 | ---- | M] () -- C:\MGtools.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 01:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 01:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 01:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\ERDNT\cache86\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 01:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 08:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 08:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[2009/07/13 20:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\ERDNT\cache64\qmgr.dll
[2009/07/13 20:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2012/07/27 15:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 13:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\ERDNT\cache64\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.HTML >
[2011/11/03 19:34:51 | 000,106,503 | ---- | M] () MD5=8AB86AAB72E315014FABC4229916B128 -- C:\Users\User\android-sdks\docs\guide\topics\fundamentals\services.html

< MD5 for: SERVICES.JAVA >
[2012/03/20 00:21:56 | 000,006,748 | ---- | M] () MD5=411111AD775B441DDCC5D4EFF612F591 -- C:\Users\User\android-sdks\sources\android-14\org\apache\harmony\security\fortress\Services.java
[2012/03/20 00:17:42 | 000,006,748 | ---- | M] () MD5=411111AD775B441DDCC5D4EFF612F591 -- C:\Users\User\android-sdks\sources\android-15\org\apache\harmony\security\fortress\Services.java

< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.SETTINGS >
[2012/03/25 16:45:50 | 000,001,622 | ---- | M] () MD5=36F72485C04D6C73C4926FD9112339C1 -- C:\Users\User\.netbeans\7.0\config\Windows2Local\Components\services.settings

< MD5 for: SERVICES.WSTCGRP >
[2012/03/25 16:45:51 | 000,000,225 | ---- | M] () MD5=E4AD31A486D75BC449F02775904D2430 -- C:\Users\User\.netbeans\7.0\config\Windows2Local\Groups\InitialLayout\services.wstcgrp
[2012/03/25 16:45:50 | 000,000,225 | ---- | M] () MD5=E4AD31A486D75BC449F02775904D2430 -- C:\Users\User\.netbeans\7.0\config\Windows2Local\Groups\OpenedProjects\services.wstcgrp

< MD5 for: SERVICES.WSTCREF >
[2012/03/25 16:45:50 | 000,000,129 | ---- | M] () MD5=73E5717A2B2C3FF0F7ED6EFDD0A658B3 -- C:\Users\User\.netbeans\7.0\config\Windows2Local\Modes\explorer\services.wstcref

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WINSOCK.H >
[2010/04/19 20:44:40 | 000,038,471 | ---- | M] () MD5=B2A415C3F1450F80F57AF83212F3C7AA -- C:\Program Files\Microsoft SDKs\Windows\v7.1\Include\WinSock.h

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation

< End of report >


OTL Extras.

OTL Extras logfile created on: 3/16/2013 6:38:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.18 Gb Available Physical Memory | 79.56% Memory free
8.00 Gb Paging File | 7.34 Gb Available in Paging File | 91.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.54 Gb Total Space | 389.34 Gb Free Space | 56.79% Space Free | Partition Type: NTFS
Drive D: | 3.09 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 62.47 Mb Total Space | 28.83 Mb Free Space | 46.15% Space Free | Partition Type: FAT

Computer Name: MACHINE-PC | User Name: User | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B5CDCB-2D9D-42EE-9E59-3A4E8B93C683}" = lport=10243 | protocol=6 | dir=in | app=system |
"{043311F6-0BC5-4281-ABA7-3A3FA98D5061}" = lport=58149 | protocol=6 | dir=in | name=pando media booster |
"{04725B7D-6623-4C64-9C7D-CF34C8B0A045}" = lport=56566 | protocol=17 | dir=in | name=pando media booster |
"{0CBA4C36-8572-4333-BBAE-F4C5C480EFB7}" = lport=139 | protocol=6 | dir=in | app=system |
"{0D0E64FB-02FD-472D-A8A7-8575508B62E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D6F2D0F-BBEC-4D1C-A1BD-4D0BBED75639}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1AA6D374-1020-45E5-BDE1-AAA62312093B}" = rport=445 | protocol=6 | dir=out | app=system |
"{1BA7E0F8-B6CF-4AC2-A785-E1A39522CBBD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2DAACB89-CC3D-4818-BE44-8391AB5A1733}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{2DFC6F6E-0539-40A4-9048-0D7DD63E0E47}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B4712A4-00D3-4CB5-8B16-446503379C50}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3F9B1208-76E7-4CD6-84B9-270114A706F7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41E4DC9E-4C59-4A91-9B9D-43D75842128B}" = lport=5900 | protocol=6 | dir=in | name=vnc5900 |
"{48A7F30C-1C61-4AF7-9A58-96D30F7E4B78}" = lport=138 | protocol=17 | dir=in | app=system |
"{4CFB0A4D-4310-4829-A02D-03F338494AD3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{55E7D7AC-4754-48A8-8832-43FB957F6BD7}" = lport=58149 | protocol=17 | dir=in | name=pando media booster |
"{579220CC-7549-42FE-AEA8-479BC9480DF0}" = rport=138 | protocol=17 | dir=out | app=system |
"{6F1134EC-F6F7-413C-AE8C-6DA4E41B9550}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7F20D037-02AE-4A4A-AEDB-3E5F0A04236B}" = lport=445 | protocol=6 | dir=in | app=system |
"{828BCE21-6A96-495C-933C-858396E872DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{83EB3FC4-40F7-4478-9B05-3EA4F6D00EBF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{892C5381-CC3B-4C45-86C8-A4DFD063A6BF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{98498EF1-90E8-4461-A278-D93290ACEDFA}" = lport=56566 | protocol=6 | dir=in | name=pando media booster |
"{98B71F2A-2292-4A1D-8868-3B54813ED418}" = rport=139 | protocol=6 | dir=out | app=system |
"{A26ED7B5-533B-4732-913E-EB326E944A58}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AEA64C17-9E3E-4063-B2A5-F48BF7F91BA3}" = lport=58149 | protocol=17 | dir=in | name=pando media booster |
"{B32107A5-99B4-4EC5-BC70-5522E6986371}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B639ECBD-5432-4447-81C8-406E1960FFFE}" = lport=58149 | protocol=6 | dir=in | name=pando media booster |
"{C03EAB1B-D361-47B1-B2A3-BD17F7C417D8}" = lport=56566 | protocol=17 | dir=in | name=pando media booster |
"{C05ED4E7-5D1A-429F-838D-0338F7B144F6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{CC7863CC-D160-429D-B5ED-871B872A8854}" = rport=137 | protocol=17 | dir=out | app=system |
"{D8B029AE-419F-49C3-8640-1E257E694E8C}" = lport=137 | protocol=17 | dir=in | app=system |
"{ECA2C02A-039E-4582-A24E-405817055923}" = lport=56566 | protocol=6 | dir=in | name=pando media booster |
"{FDC2A1D2-5D8D-4D63-9550-1711533D78C5}" = lport=5800 | protocol=6 | dir=in | name=vnc5800 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A87815-AD06-4198-81A4-DCDAA8EB92FE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{07D16807-5583-4E1B-84D9-D84BC5537EF5}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{083173A0-88C9-4CC3-A5A4-3494A440F4EE}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0CD92698-2974-47E5-98F2-91FCA71429BF}" = protocol=58 | dir=in | [email protected],-28545 |
"{0CDBDBA0-438C-49F4-9788-DA696F2480F5}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0FAFA7FF-28E5-4B74-9273-D978E56D7054}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{106C1D83-0825-41E0-9981-85DEC6811362}" = protocol=6 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{1EA1E312-6D36-4EE0-996D-D8BAEB0E0B9A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{20266739-653D-43E2-98A6-525548C90489}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{20B6A5E7-AC50-43B2-A07C-33E21563C508}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{2160F437-868C-40AE-8D99-72701D702E0E}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwupdate.exe |
"{22FA1DE8-0209-4318-882B-8D745F54258F}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"{252160A1-183F-4E46-B11B-8D13279E37BF}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{299D2333-F698-4053-A785-084512E2C6A4}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{2A4C12DA-B73E-4451-9B10-47581E899334}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\mass effect™ 2\masseffect2launcher.exe |
"{2AA45D59-CD38-49C9-8885-A9AEF62375A3}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main.exe |
"{2BBD06E7-D252-4E51-A2E6-ED5F8FBE4ADA}" = protocol=17 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{2DF64B53-45A8-4269-91E4-9D446A3E7641}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2EF1A9C0-5F5C-4148-AFCE-3E2A4E3948F5}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{33E6EFE9-AC84-4F02-85D9-E7E3F54EF83A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{34E6C33D-0545-4607-9BD0-100E93EFAB8D}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{36093FA7-D6C0-4E49-9F11-AA7874AAB81A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ABD143B-E2B8-46B0-8461-9BB9D40DF5A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43603EDD-A4EA-4BA5-B8E5-B90E1A392BBD}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{451F1A6B-9206-4F64-997B-B0BD2D7A366A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\mass effect™ 2\masseffect2launcher.exe |
"{49322D9C-E892-47F6-A61C-33998ABC8D5A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{4C80C075-9388-47E5-A8F8-E27F9B64EFAB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D1E30B4-0600-434A-ADBD-90083FF480B6}" = protocol=17 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{58FF6034-49CD-4E48-92BB-FB17C4BAD8CC}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\apps\2.0\rmr5zrd2.rj3\lty1d7dd.lx1\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\curseclient.exe |
"{5F2D03F4-EC8C-4622-9543-3D7CD869D3CE}" = protocol=6 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{639950D3-64E2-4204-A109-0298BEF42F80}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6549ACB8-C915-4BD6-B996-EC06F8042A00}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{67C1C51B-991A-4A77-98BB-82D6BCAC1906}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{6B18DADD-1945-4A11-B840-FF6602C457C1}" = protocol=17 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe |
"{6F21B768-F9D5-42FA-B1DE-0A898092127D}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{7442FB43-6DA9-4259-9346-6E9D8FF86B29}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7659DBE4-77B4-4EDA-85BF-F5281BE7B668}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{7766F19B-E253-4275-8175-79BFA405FAD9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{79DB79FE-5F19-4BC1-8008-89163317EB9C}" = protocol=6 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe |
"{7FF0626E-03BA-4722-86BB-072410F05F9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81FD17C7-3D69-4151-87B8-FAABCB3117E1}" = protocol=58 | dir=out | [email protected],-28546 |
"{837262D5-E100-4B78-AA10-3B5A26E697EB}" = protocol=17 | dir=in | app=c:\t3fun\hellgate\hgllauncher.exe |
"{8945540E-FBBB-4B0B-90AD-1101C435519D}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\apps\2.0\rmr5zrd2.rj3\lty1d7dd.lx1\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\curseclient.exe |
"{8A72E522-F72D-40DC-BB75-BE29E4C31CAA}" = protocol=17 | dir=in | app=c:\program files (x86)\ea\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{8AD8D779-44B7-4581-BE71-D02F759BE7AB}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{925F7C0E-C277-42F7-A1B6-9E980F28468A}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{94EF9EE7-FF6D-4395-97AD-6D9308A299F7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9E6C417F-B0A9-4FFB-8235-1984EB27DE89}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A2B3008C-81DD-4E8D-8F0C-D636DFDC2ADD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A71D8811-4010-4984-B825-DB880DAC4640}" = protocol=6 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{A8207F12-A423-443B-8E58-97CD81B35836}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{ACCBC04E-4EE8-41B2-B4CD-D95C3357A1EC}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{AD4D229C-087D-4A1E-802D-87BE2BA01F8C}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{AD837274-98DD-44D0-B69E-0D9869C4E717}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main.exe |
"{B4CB77A8-18A5-4376-A5ED-6C3DEF524E01}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B7AC0266-45D2-46EE-B891-D8EDFDCC25E3}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{B7DCC743-B37B-4529-B665-B5209D6A5A70}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{B7F49E35-A27F-4466-8541-9A0D4B6ACC11}" = protocol=1 | dir=out | [email protected],-28544 |
"{B84E3C67-E23A-49F2-A4C0-D2B7668F5CBB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B8AF3D2B-5B64-4C97-A188-5ABCAE0BD248}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{BBBD646B-6E96-44A9-8500-9DAAA5C96BA8}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{C0B741AF-827A-4AA2-8A0A-84C6A1B50CE1}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwupdate.exe |
"{C1B90484-A496-4B81-8012-133638233E8C}" = protocol=6 | dir=out | app=system |
"{C33C3293-6BDA-49E0-86C9-324866D2019D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C8E490A5-45A7-4BD9-901B-AFC6ED568B91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9847996-AD85-4951-A246-82F20583EB0A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{C9A713BB-310A-4C6A-BF77-DFB850A71A86}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C9FEDF07-A168-4BF8-9184-993464C0A96C}" = dir=out | app=field |
"{CCF6DF89-B865-45CA-B3B3-F73EB794D080}" = protocol=1 | dir=in | [email protected],-28543 |
"{CE486B01-7BC1-4567-8CD6-FC21CBBAB0D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D0918A84-C6EF-40D5-A901-5CB216A8F99C}" = protocol=17 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{D21FD5BC-F8BC-42E2-948A-2DD596D794A5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D462E39A-1663-4692-BEA4-BDEE94456CD6}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{D4D1A818-9BC1-480C-BC28-1C00C42EDF00}" = protocol=6 | dir=in | app=c:\program files (x86)\ea\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{D7CA5391-4C6C-4021-942E-48F52D5F8304}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D80237A5-AAA5-44F5-B1C3-F3638D8EAB27}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{D9C088AA-F99E-44F4-8C79-B46C8C39C93F}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"{DB0353C4-F6A6-4234-BD08-2F6D016F67D4}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{DB4013AB-B070-4077-B9C6-4E2785AA7D18}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{DB5760DF-9D10-4778-B8BD-678C39E9597A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{E15E1D9D-369A-4255-A1D7-DEC05EF1D7C8}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{E7FCE130-8F34-407A-A04B-9BB72E58C559}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E8C08952-4E96-4602-A786-134BAAE0B5C8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E949B56D-280C-4DA0-9B09-053B0E8BFF61}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{ED4BB927-E49D-4AF7-BB01-9D3D8155FFAF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EF0E8C7C-E0B2-40B9-A0C8-25F48E965E36}" = protocol=6 | dir=in | app=c:\t3fun\hellgate\hgllauncher.exe |
"{EFC8BF9D-7D80-46C0-9425-4963101F20D7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F0C59D0F-DB7C-409A-9949-53B630787A8A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{F16E42AD-B82B-485F-9592-42CE082127C8}" = dir=out | app=%systemroot%\explorer.exe |
"{F1A65AC1-CDBD-4C9C-88DC-E0857B4B9D2D}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{F22E22E3-B9F5-46F1-8417-C5A57E956351}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{F2D1C6B7-FE1D-4D37-98AA-3B12EA2C50DF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{F58EFB07-D12C-46A8-ABC3-193D967F3EEA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F9A934CA-BF76-4A3B-B08D-883688441E4E}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{FBB3C7D3-24C6-4727-AA8C-0B36C72EE18C}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{FC054828-18F0-4DD6-8A46-B822055193C2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FD00D482-D6AA-4899-8588-AA5F7BD82850}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"TCP Query User{0C5C7CDB-0802-4355-9878-F014DDD71242}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe |
"TCP Query User{23CFD2FB-6ABB-45CD-BA0C-5AF273A43129}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{2A4B951E-F816-4E82-A847-302C74316763}C:\program files (x86)\electronic arts\battlefield bad company™ 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company™ 2\bfbc2game.exe |
"TCP Query User{47C4E511-10BE-491B-86B8-3D60DEC94F1E}C:\program files (x86)\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
"TCP Query User{4882E086-C106-4DF0-A021-62D32A6D7BF3}C:\program files (x86)\dead space 2\deadspace2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dead space 2\deadspace2.exe |
"TCP Query User{8C59A72C-2FCD-4E0D-865E-2F8A9F57A650}C:\users\user\desktop\starcraft_2_na_en-us.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\starcraft_2_na_en-us.exe |
"TCP Query User{A87BCD57-E235-4ADE-9BC5-5147889E9DA0}C:\program files (x86)\limewire plus+\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire plus+\limewire.exe |
"TCP Query User{BA5D7F59-0826-429B-8724-B92CE8D35F6E}C:\program files (x86)\gamespy arcade\aphex.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gamespy arcade\aphex.exe |
"TCP Query User{DEA8640A-4632-415C-8C49-8606F970D79E}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe |
"TCP Query User{E64103F0-C125-4795-824E-1E54B7D57E92}C:\program files (x86)\ea games\dead space 2\deadspace2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |
"TCP Query User{EB37E12F-2739-4143-B668-85571502F31D}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe |
"UDP Query User{0F6526FC-9AAA-41B5-B4A0-26BA28E1AAF0}C:\program files (x86)\dead space 2\deadspace2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dead space 2\deadspace2.exe |
"UDP Query User{2A28912A-5BAC-44BB-848E-B8BDA6C19925}C:\program files (x86)\limewire plus+\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire plus+\limewire.exe |
"UDP Query User{560CCCEA-2167-40AF-B3A0-FC6107184E1C}C:\program files (x86)\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
"UDP Query User{5D98988B-7921-48F4-9186-AA5A3C032E0E}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe |
"UDP Query User{6651C91D-E894-43C3-B156-1405C4561222}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe |
"UDP Query User{666E64F8-33AC-4C95-8B0D-1CBF5E2F4C65}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe |
"UDP Query User{788C6D2A-D4A8-4FBB-9875-CCB4A6850B1E}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{8E331774-8C59-4789-AE17-C7240DAAB339}C:\program files (x86)\electronic arts\battlefield bad company™ 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company™ 2\bfbc2game.exe |
"UDP Query User{AFA9D525-EB72-46A4-A6B8-96C110DF8D27}C:\users\user\desktop\starcraft_2_na_en-us.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\starcraft_2_na_en-us.exe |
"UDP Query User{BB101A11-3C74-41F0-B6B4-C8737DC2380F}C:\program files (x86)\gamespy arcade\aphex.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gamespy arcade\aphex.exe |
"UDP Query User{BCAF9AD9-D3FB-4B3E-A215-72E575B0F48E}C:\program files (x86)\ea games\dead space 2\deadspace2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1111706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 (64-bit)
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{183C740A-0406-380F-A235-2EC2F8A28D13}" = Microsoft Windows SDK MSHelp (30514)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2222706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 SDK (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java™ 7 Update 3 (64-bit)
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2D290715-B0FC-3898-9247-62F803A585DF}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514)
"{3156336D-8E44-3671-A6FE-AE51D3D6564E}" = Microsoft Windows SDK for Windows 7 (7.1)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{48A7B11D-C3E1-3BEE-AF6C-8976F6E705A6}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Application Verifier (30514)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java™ SE Development Kit 7 Update 3 (64-bit)
"{67048E0C-29A5-534C-FF67-83C4BF948D48}" = AMD Drag and Drop Transcoding
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{68570626-1BF6-310B-AF69-6CD686C04AEA}" = Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514)
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{6C8D7973-31F9-32E1-A820-8DD857910323}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7492BCA7-9F62-4265-A727-DC26A9E3DF10}" = Oracle VM VirtualBox 4.1.12
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{84452C2C-BDCC-36F3-A189-CE15F02A47FB}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{84E30D73-E30F-3A02-BAA0-5353C04DD18A}" = Microsoft Windows SDK Intellisense and Reference Assemblies (30514)
"{88387B3B-B110-392F-B919-1A15B48F21D4}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x64
"{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64)
"{89026002-A893-42D9-9E20-6829B844735E}" = Application Verifier (x64)
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951E6223-AC28-345E-BCF4-B55C1267E321}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A0B0F02C-410B-3DE3-9740-EC4C3D902532}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London
"{A2C55034-8DAF-3755-BA85-CC321707FE99}" = Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B7D0C3BC-CB39-3CA1-9295-A23A93994893}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{D4A6E342-907C-4CEF-96CC-FC2F4990DC9C}" = AVSDK5
"{D87047B9-BBC5-9941-00B4-719B9E56CACC}" = ATI AVIVO64 Codecs
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E6F5D8BE-0B00-6DD9-18F9-D4045798FCBE}" = AMD Media Foundation Decoders
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F1C4B89A-8BF0-3D7C-8095-BAE412FBEA3F}" = Microsoft Windows SDK .NET Framework Tools (30514)
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"Ultravnc2_is1" = UltraVnc
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis®
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{0214578F-4888-43FB-9E34-C14FCFDEDDEB}" = Razer Nostromo
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{09B9A2C2-FB96-BA16-60E3-23B7B12A69BE}" = Application Profiles
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{1D10C273-3F95-42A2-8371-AB6B1F59821B}" = WOT for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{23FBECC1-FA31-472A-83FB-27520B81EC3A}_is1" = TheMatrix Screen Saver version 1.14
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars®: Knights of the Old Republic ™
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = The Sims™ 2 Double Deluxe
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{370187B9-6964-38D0-851F-6C4898B0C2B1}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{49C5BD36-F5B9-4E6A-9DC1-04818B9D55E3}" = Razer Nostromo Firmware Updater
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = Catalyst Control Center
"{55DBE324-BA6A-4AE2-BC68-B406915C2C0B}" = Overwolf
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{629F65FB-7F3C-4D66-A1C0-20722744B7B6}" = Star Wars® Knights of the Old Republic® II: The Sith Lords™
"{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software
"{65589581-920C-CAE1-58C2-2149D3AA3F39}" = HydraVision
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{65DF3688-6EF3-4C86-83DE-54AB46029F07}" = Hellgate
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD®
"{75D84EF7-0D8C-4E70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7BE49DA7-EDA4-4C63-AA06-DCDF6858C3F3}" = Razer Mamba
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{912193FD-A397-41F7-ABEA-D1AF442ABF89}" = DUNGEONS
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEDE5F97-31F5-4689-86B0-20C69EC5386F}" = iSpy
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4197D6B-F046-33E7-ABDE-51FF373FDC76}" = Windows SDK IntellisenseNFX
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Android SDK Tools" = Android SDK Tools
"AnyDVD" = AnyDVD
"AVIcodec" = AVIcodec (remove only)
"BitTorrent" = BitTorrent
"Blueline_is1" = Blueline 1.1.1
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CloneDVDmobile" = CloneDVDmobile
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"Comodo Dragon" = Comodo Dragon
"Crysis WARHEAD®" = Crysis WARHEAD®
"Diablo III" = Diablo III
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FileZilla Client" = FileZilla Client 3.5.3
"Game Booster_is1" = Game Booster 3
"GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"Guild Wars" = Guild Wars
"Guild Wars 2" = Guild Wars 2
"HashCalc_is1" = HashCalc 2.02
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Mozilla Firefox 15.0 (x86 en-US)" = Mozilla Firefox 15.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NoIPDUC" = No-IP DUC
"Origin" = Origin
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"Revo Uninstaller" = Revo Uninstaller 1.92
"SpeedFan" = SpeedFan (remove only)
"SpellForce - Platinum Edition_is1" = SpellForce - Platinum Edition
"Star Trek Online" = Star Trek Online
"StarCraft II" = StarCraft II
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.1
"VLC Setup Helper_is1" = VLC Setup Helper
"WinISD Pro [alpha]" = WinISD Pro [alpha]
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"101a9f93b8f0bb6f" = Curse Client
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Mozilla Firefox 16.0.1 (x86 en-US)" = Mozilla Firefox 16.0.1 (x86 en-US)
"SOE-DC Universe Online Live" = DC Universe Online Live

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/30/2012 5:56:08 PM | Computer Name = Machine-PC | Source = Application Hang | ID = 1002
Description = The program Gw2.exe version 1.0.0.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 22e10 Start Time:
01cd9f564b973140 Termination Time: 63 Application Path: C:\Program Files (x86)\Guild
Wars 2\Gw2.exe Report Id: a21bcfd1-0b49-11e2-98d3-002511649d1c

Error - 10/6/2012 8:25:50 AM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 15.0.1.4631, time
stamp: 0x5047f9c5 Faulting module name: xul.dll, version: 15.0.1.4631, time stamp:
0x5047f93b Exception code: 0xc0000005 Fault offset: 0x0010e567 Faulting process id:
0xec4 Faulting application start time: 0x01cda38ca0816560 Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program
Files (x86)\Mozilla Firefox\xul.dll Report Id: f6669f3c-0fb0-11e2-8660-002511649d1c

Error - 10/13/2012 9:14:32 PM | Computer Name = Machine-PC | Source = Application Hang | ID = 1002
Description = The program psi.exe version 2.0.0.3003 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 4b4 Start Time:
01cda9a89214d8a0 Termination Time: 0 Application Path: C:\Program Files (x86)\Secunia\PSI\psi.exe

Report
Id: 44cb45b1-159c-11e2-89b5-002511649d1c

Error - 10/24/2012 5:01:34 PM | Computer Name = Machine-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: System Writer object failed to initialize VSS. System
Error: Incorrect function. .

Error - 10/24/2012 6:35:10 PM | Computer Name = Machine-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: System Writer object failed to initialize VSS. System
Error: Incorrect function. .

Error - 10/25/2012 12:21:46 AM | Computer Name = Machine-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: System Writer object failed to initialize VSS. System
Error: Incorrect function. .

Error - 2/27/2013 6:24:46 PM | Computer Name = Machine-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: Could not query the status of the EventSystem service.

System
Error: A system shutdown is in progress. .

Error - 2/27/2013 7:06:10 PM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450,
time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting
process id: 0xc18 Faulting application start time: 0x01ce153ef6f414f0 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\system32\MSHTML.dll Report Id: 46055a40-8132-11e2-a42d-002511649d1c

Error - 2/27/2013 7:06:27 PM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450,
time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting
process id: 0x1d0 Faulting application start time: 0x01ce153f0fb07ab0 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\system32\MSHTML.dll Report Id: 502a6600-8132-11e2-a42d-002511649d1c

Error - 2/27/2013 7:06:50 PM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450,
time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting
process id: 0xc24 Faulting application start time: 0x01ce153f15638650 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\system32\MSHTML.dll Report Id: 5cb79820-8132-11e2-a42d-002511649d1c

Error - 2/27/2013 7:06:56 PM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450,
time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting
process id: 0xda4 Faulting application start time: 0x01ce153f21b86a60 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\system32\MSHTML.dll Report Id: 60f764b0-8132-11e2-a42d-002511649d1c

[ iolo Applications Events ]
Error - 6/13/2012 2:22:57 PM | Computer Name = Machine-PC | Source = System Shield | ID = 11
Description =

Error - 10/24/2012 5:03:12 PM | Computer Name = Machine-PC | Source = System Shield | ID = 12
Description =

Error - 10/24/2012 6:35:12 PM | Computer Name = Machine-PC | Source = System Shield | ID = 12
Description =

Error - 10/25/2012 12:21:49 AM | Computer Name = Machine-PC | Source = System Shield | ID = 12
Description =

Error - 10/25/2012 12:29:14 AM | Computer Name = Machine-PC | Source = System Shield | ID = 12
Description =

[ Media Center Events ]
Error - 1/29/2011 7:57:08 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 5:57:08 PM - Error connecting to the internet. 5:57:08 PM - Unable
to contact server..

Error - 1/29/2011 7:57:14 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 5:57:13 PM - Error connecting to the internet. 5:57:13 PM - Unable
to contact server..

Error - 1/30/2011 4:09:32 AM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:09:32 AM - Error connecting to the internet. 2:09:32 AM - Unable
to contact server..

Error - 1/30/2011 4:09:38 AM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:09:38 AM - Error connecting to the internet. 2:09:38 AM - Unable
to contact server..

Error - 1/30/2011 4:13:26 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:13:26 PM - Error connecting to the internet. 2:13:26 PM - Unable
to contact server..

Error - 1/30/2011 4:13:32 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:13:32 PM - Error connecting to the internet. 2:13:32 PM - Unable
to contact server..

Error - 1/31/2011 4:12:21 AM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:12:21 AM - Error connecting to the internet. 2:12:21 AM - Unable
to contact server..

Error - 1/31/2011 4:12:27 AM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:12:27 AM - Error connecting to the internet. 2:12:27 AM - Unable
to contact server..

Error - 1/31/2011 4:15:09 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:15:08 PM - Error connecting to the internet. 2:15:08 PM - Unable
to contact server..

Error - 1/31/2011 4:15:14 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:15:14 PM - Error connecting to the internet. 2:15:14 PM - Unable
to contact server..

[ System Events ]
Error - 3/10/2013 7:43:12 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/11/2013 7:43:14 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/12/2013 7:43:15 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/13/2013 7:43:17 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/14/2013 7:43:19 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/15/2013 7:43:20 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/16/2013 7:36:47 PM | Computer Name = Machine-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 3/16/2013 7:36:47 PM | Computer Name = Machine-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 3/16/2013 7:36:48 PM | Computer Name = Machine-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 3/16/2013 7:43:22 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =


< End of report >


Rogue Killer log

RogueKiller V8.5.3 [Mar 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode
User : User [Admin rights]
Mode : Scan -- Date : 03/16/2013 18:49:18
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[SCREENSV][SUSP PATH] HKCU\[...]\Desktop (C:\Windows\TheMatrix.scr) [-] -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3750528AS ATA Device +++++
--- User ---
[MBR] ca9f07da9ccdeb7d2e26ea031a0e4322
[BSP] 9fb27e9bfa67abcf9247bb6f67e180c9 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 701990 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: OPTI3 Flash Disk USB Device +++++
--- User ---
[MBR] b9171ec7fd52b230d53ea96cb8bd513c
[BSP] cb886938434bac187830720cbbb1c39b : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 32 | Size: 62 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_03162013_02d1849.txt >>
RKreport[1]_S_03162013_02d1849.txt



ADW log

# AdwCleaner v2.114 - Logfile created 03/16/2013 at 18:52:38
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : User - MACHINE-PC
# Boot Mode : Safe mode
# Running from : C:\Users\User\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\vShare

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\NetNucleous
Key Found : HKCU\Software\AppDataLow\Software\Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Zugo
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16450

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

-\\ Google Chrome v22.0.1229.94

*************************

AdwCleaner[R1].txt - [1694 octets] - [16/03/2013 18:52:38]

########## EOF - C:\AdwCleaner[R1].txt - [1754 octets] ##########


Security Check log

Results of screen317's Security Check version 0.99.61
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
iSpy
Malwarebytes Anti-Malware version 1.60.1.1000
Adobe Flash Player 11.4.402.287 Flash Player out of Date!
Mozilla Firefox (15.0)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


Hopefully I didn't forget anything.


  • 0

#4
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hello,
I have a few questions, then some steps to follow.

I see that you have run combofix in the past, was this done recently? If so, please post the log file.
The iSpy program that I see installed, is that for controlling security cameras?

I notice that you have one or more P2P (Peer to Peer) file sharing programs installed on your computer.
  • bittorrent
  • frostwire
This is a very easy way to get infected, as many of the files that can be downloaded with these P2P programs are infected with all sorts of malware.
You put your system at a very big risk by downloading these files, and that is why we recommend
that you remove these programs from your computer.
Please visit the following site:
P2P File Sharing: Evaluate the Risks
If you do not want to remove them, please DO NOT use them while we are cleaning your machine.

If you need any help removing them I will be glad to assist you.

I see that you have iobit game booster installed, I don't know much about this program, but I do know that iobit is a rathery sketchy company that puts out a very questionable security program.

I see that you have ccleaner installed, while this might be a decent temp file remover, I don't recommend using the registry cleaner part at all. The registry of your computer should never be cleaned, or optimized. At best nothing will happen, no speed benefits, and at worst you can break Windows to the point of it never booting again.


Step 1
We need to do an OTL fix:

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successfully execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :commands
    [createrestorepoint]
    :OTL
    IE - HKLM\..\SearchScopes\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}: "URL" = http://www.tangosear...Terms}&a=SEARCH
    IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.condui...&ctid=CT2418376
    IE - HKCU\..\SearchScopes\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}: "URL" = http://www.tangosear...Terms}&a=SEARCH
    IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.condui...&ctid=CT2418376
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O34 - HKLM BootExecute: (耀)
    :commands
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the log it produces in your next reply.

Step 2
Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

Step 3
I would like the following run in normal mode, but if you can't, safe mode will do.

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

Posted Image

  • Put a checkmark beside loaded modules.

Posted Image

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
Posted Image

  • Click the Start Scan button.
Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Posted Image
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 4
I would also like this run in normal mode, and if you can't, I will take it in safe mode.
Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

drives


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs in your next response

In your next reply I would like to see:
  • OTL fix log - shown right after the fix is run.
  • ADWCleaner log file
  • TDSSkiller log file
  • fresh OTL custom scan
  • answers to questions
  • How is the computer running now?

  • 1

#5
DrkMachine

DrkMachine

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
I have run combofix, but that was a year ago or better.

The iSpy is for a security Camera yes.

I have used torrent apps in the past for certain file transactions I knew to be clean.

I only use gamebooster from iobit.

CCleaner is only used for my temp files.

Logs,

OTL (1)

All processes killed
========== COMMANDS ==========
Unable to start System Restore Service. Error code 1084
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00B6F611-DA87-419E-AD49-88ABB77F1E7C}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:耀 deleted successfully.
File not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: User
->Temp folder emptied: 227581297 bytes
->Temporary Internet Files folder emptied: 305438611 bytes
->Java cache emptied: 315378 bytes
->FireFox cache emptied: 70894916 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 169465 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 100092536 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 42574788 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 299340 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 666 bytes
RecycleBin emptied: 7072616 bytes

Total Files Cleaned = 720.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03172013_095248

Files\Folders moved on Reboot...
C:\Users\User\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


ADW log

# AdwCleaner v2.114 - Logfile created 03/17/2013 at 09:59:09
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : User - MACHINE-PC
# Boot Mode : Normal
# Running from : C:\Users\User\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\vShare

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\NetNucleous
Key Found : HKCU\Software\AppDataLow\Software\Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Zugo
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16450

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

-\\ Google Chrome v22.0.1229.94

*************************

AdwCleaner[R1].txt - [1821 octets] - [16/03/2013 18:52:38]
AdwCleaner[R2].txt - [1370 octets] - [17/03/2013 09:59:09]

########## EOF - C:\AdwCleaner[R2].txt - [1430 octets] ##########


TDSSkiller log: (I had to run everything in safe mode as the system is still freezing shortly after login, so I could not get the "loaded Modules" box to stay checked after reboot. also instructions stated that I needed to use "cure" but that was not an option in the drop downs, only " skip, copy to quarentine, and delete")

10:29:28.0447 1196 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:29:28.0478 1196 ============================================================
10:29:28.0478 1196 Current date / time: 2013/03/17 10:29:28.0478
10:29:28.0478 1196 SystemInfo:
10:29:28.0478 1196
10:29:28.0478 1196 OS Version: 6.1.7601 ServicePack: 1.0
10:29:28.0478 1196 Product type: Workstation
10:29:28.0478 1196 ComputerName: MACHINE-PC
10:29:28.0478 1196 UserName: User
10:29:28.0478 1196 Windows directory: C:\Windows
10:29:28.0478 1196 System windows directory: C:\Windows
10:29:28.0478 1196 Running under WOW64
10:29:28.0478 1196 Processor architecture: Intel x64
10:29:28.0478 1196 Number of processors: 2
10:29:28.0478 1196 Page size: 0x1000
10:29:28.0478 1196 Boot type: Safe boot
10:29:28.0478 1196 ============================================================
10:29:29.0383 1196 BG loaded
10:29:29.0695 1196 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:29:29.0695 1196 Drive \Device\Harddisk1\DR1 - Size: 0x3EC0000 (0.06 Gb), SectorSize: 0x200, Cylinders: 0x7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:29:29.0695 1196 ============================================================
10:29:29.0695 1196 \Device\Harddisk0\DR0:
10:29:29.0695 1196 MBR partitions:
10:29:29.0695 1196 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
10:29:29.0695 1196 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x55B13000
10:29:29.0695 1196 \Device\Harddisk1\DR1:
10:29:29.0711 1196 MBR partitions:
10:29:29.0711 1196 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1F5E0
10:29:29.0711 1196 ============================================================
10:29:29.0726 1196 C: <-> \Device\Harddisk0\DR0\Partition2
10:29:29.0726 1196 ============================================================
10:29:29.0726 1196 Initialize success
10:29:29.0726 1196 ============================================================
10:30:43.0078 1308 ============================================================
10:30:43.0078 1308 Scan started
10:30:43.0078 1308 Mode: Manual; SigCheck; TDLFS;
10:30:43.0078 1308 ============================================================
10:30:43.0639 1308 ================ Scan system memory ========================
10:30:43.0639 1308 System memory - ok
10:30:43.0639 1308 ================ Scan services =============================
10:30:43.0733 1308 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
10:30:43.0951 1308 1394ohci - ok
10:30:43.0982 1308 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:30:43.0998 1308 ACPI - ok
10:30:43.0998 1308 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:30:44.0014 1308 AcpiPmi - ok
10:30:44.0138 1308 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:30:44.0138 1308 AdobeARMservice - ok
10:30:44.0232 1308 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:30:44.0248 1308 AdobeFlashPlayerUpdateSvc - ok
10:30:44.0279 1308 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:30:44.0294 1308 adp94xx - ok
10:30:44.0326 1308 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:30:44.0341 1308 adpahci - ok
10:30:44.0357 1308 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:30:44.0372 1308 adpu320 - ok
10:30:44.0404 1308 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:30:44.0450 1308 AeLookupSvc - ok
10:30:44.0497 1308 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:30:44.0544 1308 AFD - ok
10:30:44.0544 1308 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:30:44.0560 1308 agp440 - ok
10:30:44.0591 1308 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:30:44.0606 1308 ALG - ok
10:30:44.0622 1308 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:30:44.0638 1308 aliide - ok
10:30:44.0653 1308 [ B3E801135E0C81733542C14D9AA8120A ] Alpham1 C:\Windows\system32\DRIVERS\Alpham164.sys
10:30:44.0669 1308 Alpham1 - ok
10:30:44.0684 1308 [ 6493983FEDBC49D9112703ECE9B251FE ] Alpham2 C:\Windows\system32\DRIVERS\Alpham264.sys
10:30:44.0716 1308 Alpham2 - ok
10:30:44.0731 1308 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:30:44.0778 1308 AMD External Events Utility - ok
10:30:44.0778 1308 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:30:44.0794 1308 amdide - ok
10:30:44.0794 1308 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:30:44.0825 1308 AmdK8 - ok
10:30:44.0996 1308 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:30:45.0215 1308 amdkmdag - ok
10:30:45.0246 1308 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:30:45.0277 1308 amdkmdap - ok
10:30:45.0293 1308 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:30:45.0308 1308 AmdPPM - ok
10:30:45.0340 1308 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:30:45.0340 1308 amdsata - ok
10:30:45.0355 1308 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:30:45.0371 1308 amdsbs - ok
10:30:45.0386 1308 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:30:45.0386 1308 amdxata - ok
10:30:45.0418 1308 [ 7FF52FD7CB32FBEBA5960E8F9621D734 ] AMP C:\Windows\system32\Drivers\amp.sys
10:30:45.0464 1308 AMP - ok
10:30:45.0511 1308 [ 6221E6DE43BBBD96C122F0EDD0139809 ] AMPSE C:\Windows\system32\Drivers\ampse.sys
10:30:45.0558 1308 AMPSE - ok
10:30:45.0574 1308 [ 30682A098E12E2C85FA65518E1618195 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
10:30:45.0589 1308 AnyDVD - ok
10:30:45.0605 1308 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:30:45.0667 1308 AppID - ok
10:30:45.0698 1308 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:30:45.0730 1308 AppIDSvc - ok
10:30:45.0761 1308 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:30:45.0808 1308 Appinfo - ok
10:30:45.0886 1308 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:30:45.0886 1308 Apple Mobile Device - ok
10:30:45.0917 1308 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
10:30:45.0917 1308 AppMgmt - ok
10:30:45.0932 1308 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:30:45.0948 1308 arc - ok
10:30:45.0948 1308 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:30:45.0964 1308 arcsas - ok
10:30:46.0042 1308 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:30:46.0073 1308 aspnet_state - ok
10:30:46.0073 1308 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:30:46.0135 1308 AsyncMac - ok
10:30:46.0182 1308 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:30:46.0182 1308 atapi - ok
10:30:46.0229 1308 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:30:46.0229 1308 AtiHDAudioService - ok
10:30:46.0260 1308 [ 54494B93BB5AD74C807100144EC30D64 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
10:30:46.0276 1308 atksgt - ok
10:30:46.0322 1308 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:30:46.0369 1308 AudioEndpointBuilder - ok
10:30:46.0385 1308 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:30:46.0416 1308 AudioSrv - ok
10:30:46.0463 1308 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:30:46.0494 1308 AxInstSV - ok
10:30:46.0510 1308 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:30:46.0541 1308 b06bdrv - ok
10:30:46.0572 1308 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:30:46.0588 1308 b57nd60a - ok
10:30:46.0619 1308 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:30:46.0650 1308 BDESVC - ok
10:30:46.0681 1308 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:30:46.0728 1308 Beep - ok
10:30:46.0775 1308 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:30:46.0806 1308 BFE - ok
10:30:46.0837 1308 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
10:30:46.0884 1308 BITS - ok
10:30:46.0915 1308 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:30:46.0931 1308 blbdrive - ok
10:30:47.0009 1308 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:30:47.0024 1308 Bonjour Service - ok
10:30:47.0056 1308 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:30:47.0056 1308 bowser - ok
10:30:47.0071 1308 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:30:47.0087 1308 BrFiltLo - ok
10:30:47.0087 1308 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:30:47.0102 1308 BrFiltUp - ok
10:30:47.0134 1308 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:30:47.0149 1308 Browser - ok
10:30:47.0149 1308 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:30:47.0196 1308 Brserid - ok
10:30:47.0212 1308 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:30:47.0227 1308 BrSerWdm - ok
10:30:47.0227 1308 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:30:47.0258 1308 BrUsbMdm - ok
10:30:47.0258 1308 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:30:47.0274 1308 BrUsbSer - ok
10:30:47.0274 1308 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:30:47.0290 1308 BTHMODEM - ok
10:30:47.0321 1308 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:30:47.0352 1308 bthserv - ok
10:30:47.0383 1308 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
10:30:47.0399 1308 BVRPMPR5a64 - ok
10:30:47.0399 1308 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:30:47.0461 1308 cdfs - ok
10:30:47.0492 1308 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:30:47.0524 1308 cdrom - ok
10:30:47.0555 1308 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:30:47.0602 1308 CertPropSvc - ok
10:30:47.0617 1308 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:30:47.0648 1308 circlass - ok
10:30:47.0680 1308 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:30:47.0695 1308 CLFS - ok
10:30:47.0758 1308 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:30:47.0758 1308 clr_optimization_v2.0.50727_32 - ok
10:30:47.0804 1308 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:30:47.0820 1308 clr_optimization_v2.0.50727_64 - ok
10:30:47.0867 1308 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:30:47.0929 1308 clr_optimization_v4.0.30319_32 - ok
10:30:47.0960 1308 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:30:47.0960 1308 clr_optimization_v4.0.30319_64 - ok
10:30:47.0976 1308 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:30:48.0007 1308 CmBatt - ok
10:30:48.0007 1308 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:30:48.0023 1308 cmdide - ok
10:30:48.0070 1308 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:30:48.0085 1308 CNG - ok
10:30:48.0132 1308 [ 66AC4FDAD5A2D4FF4E3DB41810B39DE2 ] COMMONFX.DLL C:\Windows\system32\COMMONFX.DLL
10:30:48.0163 1308 COMMONFX.DLL - ok
10:30:48.0163 1308 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:30:48.0179 1308 Compbatt - ok
10:30:48.0194 1308 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:30:48.0226 1308 CompositeBus - ok
10:30:48.0241 1308 COMSysApp - ok
10:30:48.0272 1308 [ 262969A3FAB32B9E17E63E2D17A57744 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
10:30:48.0288 1308 cpuz135 - ok
10:30:48.0319 1308 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:30:48.0319 1308 crcdisk - ok
10:30:48.0366 1308 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:30:48.0413 1308 CryptSvc - ok
10:30:48.0460 1308 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
10:30:48.0491 1308 CSC - ok
10:30:48.0522 1308 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
10:30:48.0569 1308 CscService - ok
10:30:48.0584 1308 [ 01BBD5CB85423B12E445209D243A49A9 ] CT20XUT.DLL C:\Windows\system32\CT20XUT.DLL
10:30:48.0600 1308 CT20XUT.DLL - ok
10:30:48.0631 1308 [ B81C989C6D3B770F44316A3DC5F607B3 ] ctac32k C:\Windows\system32\drivers\ctac32k.sys
10:30:48.0647 1308 ctac32k - ok
10:30:48.0662 1308 [ 7321BD704CC3B34B78F8574E64258F39 ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys
10:30:48.0678 1308 ctaud2k - ok
10:30:48.0709 1308 [ E873319F281115EBEA75E519C5B4D0C4 ] CTAUDFX.DLL C:\Windows\system32\CTAUDFX.DLL
10:30:48.0725 1308 CTAUDFX.DLL - ok
10:30:48.0740 1308 [ 06300545BEDF49B6A51FDFE1861F9CAF ] CTEAPSFX.DLL C:\Windows\system32\CTEAPSFX.DLL
10:30:48.0756 1308 CTEAPSFX.DLL - ok
10:30:48.0756 1308 [ 2D902F8EC247F0ED0D458CDCAF786544 ] CTEDSPFX.DLL C:\Windows\system32\CTEDSPFX.DLL
10:30:48.0772 1308 CTEDSPFX.DLL - ok
10:30:48.0787 1308 [ 0D3F99CDA2BEA14E4911A698441F1A29 ] CTEDSPIO.DLL C:\Windows\system32\CTEDSPIO.DLL
10:30:48.0787 1308 CTEDSPIO.DLL - ok
10:30:48.0803 1308 [ 9D26AA450AC1CAADDE25F1621BA89842 ] CTEDSPSY.DLL C:\Windows\system32\CTEDSPSY.DLL
10:30:48.0818 1308 CTEDSPSY.DLL - ok
10:30:48.0818 1308 [ E5F88DAD5EC69665DFA3E5E87791F800 ] CTERFXFX.DLL C:\Windows\system32\CTERFXFX.DLL
10:30:48.0834 1308 CTERFXFX.DLL - ok
10:30:48.0865 1308 [ FA6DCA331835997D2F7C83B9AAABC4BB ] CTEXFIFX.DLL C:\Windows\system32\CTEXFIFX.DLL
10:30:48.0912 1308 CTEXFIFX.DLL - ok
10:30:48.0912 1308 [ 9E6A0A3CA3825BB568D42F5F3CB09453 ] CTHWIUT.DLL C:\Windows\system32\CTHWIUT.DLL
10:30:48.0928 1308 CTHWIUT.DLL - ok
10:30:48.0943 1308 [ 6A05134810301FA6FDD6E95583A91F35 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys
10:30:48.0943 1308 ctprxy2k - ok
10:30:48.0974 1308 [ 99047FCEBAB495410CD58AB17284720A ] CTSBLFX.DLL C:\Windows\system32\CTSBLFX.DLL
10:30:49.0006 1308 CTSBLFX.DLL - ok
10:30:49.0021 1308 [ F792246CF9D8EE17F2B32E9069415CDD ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys
10:30:49.0037 1308 ctsfm2k - ok
10:30:49.0068 1308 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:30:49.0130 1308 DcomLaunch - ok
10:30:49.0162 1308 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:30:49.0208 1308 defragsvc - ok
10:30:49.0240 1308 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:30:49.0255 1308 DfsC - ok
10:30:49.0286 1308 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:30:49.0333 1308 Dhcp - ok
10:30:49.0364 1308 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:30:49.0411 1308 discache - ok
10:30:49.0442 1308 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:30:49.0458 1308 Disk - ok
10:30:49.0489 1308 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:30:49.0520 1308 Dnscache - ok
10:30:49.0567 1308 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:30:49.0598 1308 dot3svc - ok
10:30:49.0614 1308 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:30:49.0676 1308 DPS - ok
10:30:49.0801 1308 [ 11D030A18B4CA496B8691278511B3AB5 ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
10:30:49.0848 1308 DragonUpdater - ok
10:30:49.0879 1308 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:30:49.0910 1308 drmkaud - ok
10:30:49.0957 1308 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:30:49.0988 1308 DXGKrnl - ok
10:30:50.0004 1308 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:30:50.0035 1308 EapHost - ok
10:30:50.0129 1308 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:30:50.0222 1308 ebdrv - ok
10:30:50.0254 1308 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:30:50.0285 1308 EFS - ok
10:30:50.0332 1308 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:30:50.0363 1308 ehRecvr - ok
10:30:50.0378 1308 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:30:50.0410 1308 ehSched - ok
10:30:50.0441 1308 [ 9387A484D31209D7FC3F795A787294DB ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys
10:30:50.0441 1308 ElbyCDFL - ok
10:30:50.0472 1308 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
10:30:50.0488 1308 ElbyCDIO - ok
10:30:50.0503 1308 [ F21A07780BBD64ADEF872F50E8CE2E75 ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
10:30:50.0503 1308 ElRawDisk - ok
10:30:50.0550 1308 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:30:50.0566 1308 elxstor - ok
10:30:50.0597 1308 [ 1E2F860D9521FB73566C85CD17D58291 ] emupia C:\Windows\system32\drivers\emupia2k.sys
10:30:50.0612 1308 emupia - ok
10:30:50.0612 1308 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:30:50.0659 1308 ErrDev - ok
10:30:50.0690 1308 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:30:50.0722 1308 EventSystem - ok
10:30:50.0722 1308 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:30:50.0753 1308 exfat - ok
10:30:50.0784 1308 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:30:50.0815 1308 fastfat - ok
10:30:50.0846 1308 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:30:50.0878 1308 Fax - ok
10:30:50.0893 1308 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:30:50.0909 1308 fdc - ok
10:30:50.0924 1308 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:30:50.0956 1308 fdPHost - ok
10:30:50.0971 1308 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:30:51.0002 1308 FDResPub - ok
10:30:51.0018 1308 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:30:51.0018 1308 FileInfo - ok
10:30:51.0034 1308 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:30:51.0065 1308 Filetrace - ok
10:30:51.0080 1308 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:30:51.0080 1308 flpydisk - ok
10:30:51.0127 1308 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:30:51.0127 1308 FltMgr - ok
10:30:51.0174 1308 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:30:51.0205 1308 FontCache - ok
10:30:51.0252 1308 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:30:51.0252 1308 FontCache3.0.0.0 - ok
10:30:51.0283 1308 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:30:51.0299 1308 FsDepends - ok
10:30:51.0330 1308 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:30:51.0346 1308 Fs_Rec - ok
10:30:51.0361 1308 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:30:51.0377 1308 fvevol - ok
10:30:51.0377 1308 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:30:51.0392 1308 gagp30kx - ok
10:30:51.0424 1308 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:30:51.0424 1308 GEARAspiWDM - ok
10:30:51.0455 1308 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:30:51.0502 1308 gpsvc - ok
10:30:51.0548 1308 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:30:51.0564 1308 gupdate - ok
10:30:51.0564 1308 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:30:51.0580 1308 gupdatem - ok
10:30:51.0626 1308 [ B3F220AD6EEDDC2546780B84A8919B7A ] ha10kx2k C:\Windows\system32\drivers\ha10kx2k.sys
10:30:51.0689 1308 ha10kx2k - ok
10:30:51.0704 1308 [ 5D6AEC608B871CC2C724114F34CAD3C8 ] hap16v2k C:\Windows\system32\drivers\hap16v2k.sys
10:30:51.0704 1308 hap16v2k - ok
10:30:51.0720 1308 [ B95BA8D7EA73A47FAC3A59CF4A3B3043 ] hap17v2k C:\Windows\system32\drivers\hap17v2k.sys
10:30:51.0736 1308 hap17v2k - ok
10:30:51.0736 1308 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:30:51.0767 1308 hcw85cir - ok
10:30:51.0782 1308 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:30:51.0829 1308 HdAudAddService - ok
10:30:51.0876 1308 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:30:51.0907 1308 HDAudBus - ok
10:30:51.0923 1308 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:30:51.0938 1308 HidBatt - ok
10:30:51.0938 1308 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:30:51.0954 1308 HidBth - ok
10:30:51.0954 1308 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:30:51.0970 1308 HidIr - ok
10:30:52.0001 1308 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
10:30:52.0063 1308 hidserv - ok
10:30:52.0079 1308 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:30:52.0094 1308 HidUsb - ok
10:30:52.0110 1308 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:30:52.0157 1308 hkmsvc - ok
10:30:52.0204 1308 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:30:52.0235 1308 HomeGroupListener - ok
10:30:52.0266 1308 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:30:52.0282 1308 HomeGroupProvider - ok
10:30:52.0282 1308 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:30:52.0297 1308 HpSAMD - ok
10:30:52.0313 1308 [ 7C7C986776D00E575BFBDE5DCBDC615D ] HtcUsbMdmV64 C:\Windows\system32\DRIVERS\HtcUsbMdmV64.sys
10:30:52.0344 1308 HtcUsbMdmV64 ( UnsignedFile.Multi.Generic ) - warning
10:30:52.0344 1308 HtcUsbMdmV64 - detected UnsignedFile.Multi.Generic (1)
10:30:52.0375 1308 [ 7C7C986776D00E575BFBDE5DCBDC615D ] HtcVCom32 C:\Windows\system32\DRIVERS\HtcVComV64.sys
10:30:52.0375 1308 HtcVCom32 ( UnsignedFile.Multi.Generic ) - warning
10:30:52.0375 1308 HtcVCom32 - detected UnsignedFile.Multi.Generic (1)
10:30:52.0422 1308 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:30:52.0469 1308 HTTP - ok
10:30:52.0500 1308 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:30:52.0516 1308 hwpolicy - ok
10:30:52.0531 1308 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:30:52.0531 1308 i8042prt - ok
10:30:52.0578 1308 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:30:52.0609 1308 iaStorV - ok
10:30:52.0687 1308 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:30:52.0703 1308 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:30:52.0703 1308 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:30:52.0781 1308 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:30:52.0796 1308 idsvc - ok
10:30:52.0828 1308 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:30:52.0843 1308 iirsp - ok
10:30:52.0859 1308 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:30:52.0921 1308 IKEEXT - ok
10:30:52.0968 1308 [ BC64B75E8E0A0B8982AB773483164E72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:30:53.0030 1308 IntcAzAudAddService - ok
10:30:53.0030 1308 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:30:53.0046 1308 intelide - ok
10:30:53.0062 1308 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:30:53.0093 1308 intelppm - ok
10:30:53.0124 1308 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:30:53.0155 1308 IPBusEnum - ok
10:30:53.0186 1308 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:30:53.0233 1308 IpFilterDriver - ok
10:30:53.0264 1308 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:30:53.0311 1308 iphlpsvc - ok
10:30:53.0327 1308 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:30:53.0358 1308 IPMIDRV - ok
10:30:53.0374 1308 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:30:53.0405 1308 IPNAT - ok
10:30:53.0452 1308 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:30:53.0483 1308 iPod Service - ok
10:30:53.0498 1308 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:30:53.0530 1308 IRENUM - ok
10:30:53.0530 1308 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:30:53.0545 1308 isapnp - ok
10:30:53.0576 1308 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:30:53.0592 1308 iScsiPrt - ok
10:30:53.0608 1308 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:30:53.0623 1308 kbdclass - ok
10:30:53.0639 1308 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:30:53.0670 1308 kbdhid - ok
10:30:53.0701 1308 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:30:53.0717 1308 KeyIso - ok
10:30:53.0732 1308 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:30:53.0748 1308 KSecDD - ok
10:30:53.0779 1308 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:30:53.0795 1308 KSecPkg - ok
10:30:53.0795 1308 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:30:53.0842 1308 ksthunk - ok
10:30:53.0888 1308 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:30:53.0935 1308 KtmRm - ok
10:30:53.0966 1308 [ A6FE2E63441094074F57243FB0FDB45A ] L8042mou C:\Windows\system32\DRIVERS\L8042mou.Sys
10:30:53.0982 1308 L8042mou - ok
10:30:54.0013 1308 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
10:30:54.0076 1308 LanmanServer - ok
10:30:54.0091 1308 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:30:54.0138 1308 LanmanWorkstation - ok
10:30:54.0216 1308 [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
10:30:54.0216 1308 LBTServ - ok
10:30:54.0247 1308 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
10:30:54.0263 1308 LHidFilt - ok
10:30:54.0278 1308 [ 5EA407821BB3104C31A705175AB4F309 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
10:30:54.0294 1308 lirsgt - ok
10:30:54.0310 1308 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:30:54.0356 1308 lltdio - ok
10:30:54.0403 1308 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:30:54.0466 1308 lltdsvc - ok
10:30:54.0481 1308 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:30:54.0512 1308 lmhosts - ok
10:30:54.0528 1308 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
10:30:54.0528 1308 LMouFilt - ok
10:30:54.0544 1308 [ F518C34C137348B7DBE5343ACC646A1C ] LMouKE C:\Windows\system32\DRIVERS\LMouKE.Sys
10:30:54.0544 1308 LMouKE - ok
10:30:54.0590 1308 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:30:54.0606 1308 LSI_FC - ok
10:30:54.0606 1308 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:30:54.0622 1308 LSI_SAS - ok
10:30:54.0637 1308 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:30:54.0653 1308 LSI_SAS2 - ok
10:30:54.0653 1308 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:30:54.0668 1308 LSI_SCSI - ok
10:30:54.0700 1308 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:30:54.0746 1308 luafv - ok
10:30:54.0778 1308 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
10:30:54.0793 1308 mcdbus - ok
10:30:54.0824 1308 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:30:54.0871 1308 Mcx2Svc - ok
10:30:54.0887 1308 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:30:54.0902 1308 megasas - ok
10:30:54.0934 1308 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:30:54.0949 1308 MegaSR - ok
10:30:54.0980 1308 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:30:55.0012 1308 MMCSS - ok
10:30:55.0012 1308 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:30:55.0058 1308 Modem - ok
10:30:55.0105 1308 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:30:55.0136 1308 monitor - ok
10:30:55.0168 1308 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:30:55.0168 1308 mouclass - ok
10:30:55.0199 1308 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:30:55.0199 1308 mouhid - ok
10:30:55.0230 1308 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:30:55.0230 1308 mountmgr - ok
10:30:55.0292 1308 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:30:55.0308 1308 MozillaMaintenance - ok
10:30:55.0324 1308 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:30:55.0324 1308 mpio - ok
10:30:55.0355 1308 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:30:55.0386 1308 mpsdrv - ok
10:30:55.0433 1308 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:30:55.0464 1308 MpsSvc - ok
10:30:55.0495 1308 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:30:55.0542 1308 MRxDAV - ok
10:30:55.0558 1308 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:30:55.0589 1308 mrxsmb - ok
10:30:55.0636 1308 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:30:55.0667 1308 mrxsmb10 - ok
10:30:55.0698 1308 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:30:55.0698 1308 mrxsmb20 - ok
10:30:55.0714 1308 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:30:55.0729 1308 msahci - ok
10:30:55.0729 1308 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:30:55.0745 1308 msdsm - ok
10:30:55.0760 1308 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:30:55.0792 1308 MSDTC - ok
10:30:55.0823 1308 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:30:55.0854 1308 Msfs - ok
10:30:55.0870 1308 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:30:55.0916 1308 mshidkmdf - ok
10:30:55.0948 1308 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:30:55.0948 1308 msisadrv - ok
10:30:56.0010 1308 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:30:56.0041 1308 MSiSCSI - ok
10:30:56.0041 1308 msiserver - ok
10:30:56.0057 1308 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:30:56.0104 1308 MSKSSRV - ok
10:30:56.0104 1308 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:30:56.0135 1308 MSPCLOCK - ok
10:30:56.0150 1308 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:30:56.0182 1308 MSPQM - ok
10:30:56.0228 1308 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:30:56.0244 1308 MsRPC - ok
10:30:56.0260 1308 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:30:56.0260 1308 mssmbios - ok
10:30:56.0275 1308 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:30:56.0322 1308 MSTEE - ok
10:30:56.0353 1308 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:30:56.0353 1308 MTConfig - ok
10:30:56.0369 1308 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:30:56.0369 1308 Mup - ok
10:30:56.0400 1308 [ A906B08944EF1BEC17AE306E9FDB35D0 ] mv2 C:\Windows\system32\DRIVERS\mv2.sys
10:30:56.0416 1308 mv2 - ok
10:30:56.0447 1308 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:30:56.0509 1308 napagent - ok
10:30:56.0540 1308 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:30:56.0572 1308 NativeWifiP - ok
10:30:56.0618 1308 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:30:56.0650 1308 NDIS - ok
10:30:56.0665 1308 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:30:56.0696 1308 NdisCap - ok
10:30:56.0712 1308 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:30:56.0743 1308 NdisTapi - ok
10:30:56.0774 1308 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:30:56.0806 1308 Ndisuio - ok
10:30:56.0821 1308 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:30:56.0868 1308 NdisWan - ok
10:30:56.0915 1308 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:30:56.0930 1308 NDProxy - ok
10:30:56.0946 1308 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:30:56.0993 1308 NetBIOS - ok
10:30:57.0024 1308 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:30:57.0071 1308 NetBT - ok
10:30:57.0102 1308 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:30:57.0102 1308 Netlogon - ok
10:30:57.0133 1308 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:30:57.0164 1308 Netman - ok
10:30:57.0211 1308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:57.0242 1308 NetMsmqActivator - ok
10:30:57.0242 1308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:57.0242 1308 NetPipeActivator - ok
10:30:57.0274 1308 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:30:57.0320 1308 netprofm - ok
10:30:57.0352 1308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:57.0352 1308 NetTcpActivator - ok
10:30:57.0367 1308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:57.0367 1308 NetTcpPortSharing - ok
10:30:57.0398 1308 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:30:57.0414 1308 nfrd960 - ok
10:30:57.0445 1308 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:30:57.0492 1308 NlaSvc - ok
10:30:57.0508 1308 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:30:57.0539 1308 Npfs - ok
10:30:57.0554 1308 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:30:57.0601 1308 nsi - ok
10:30:57.0632 1308 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:30:57.0679 1308 nsiproxy - ok
10:30:57.0742 1308 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:30:57.0788 1308 Ntfs - ok
10:30:57.0804 1308 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:30:57.0835 1308 Null - ok
10:30:58.0069 1308 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:30:58.0381 1308 nvlddmkm - ok
10:30:58.0381 1308 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:30:58.0397 1308 nvraid - ok
10:30:58.0444 1308 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:30:58.0459 1308 nvstor - ok
10:30:58.0490 1308 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:30:58.0506 1308 nv_agp - ok
10:30:58.0506 1308 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:30:58.0522 1308 ohci1394 - ok
10:30:58.0537 1308 [ 678CC7DCF607BBD69A9F9333D39C2F1D ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
10:30:58.0537 1308 ossrv - ok
10:30:58.0584 1308 [ 80C30F531A54AE2846DC8F869010F51E ] OverwolfUpdaterService C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
10:30:58.0600 1308 OverwolfUpdaterService - ok
10:30:58.0615 1308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:30:58.0646 1308 p2pimsvc - ok
10:30:58.0678 1308 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:30:58.0693 1308 p2psvc - ok
10:30:58.0709 1308 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:30:58.0709 1308 Parport - ok
10:30:58.0740 1308 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:30:58.0756 1308 partmgr - ok
10:30:58.0771 1308 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:30:58.0802 1308 PcaSvc - ok
10:30:58.0834 1308 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:30:58.0834 1308 pci - ok
10:30:58.0849 1308 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:30:58.0865 1308 pciide - ok
10:30:58.0865 1308 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:30:58.0880 1308 pcmcia - ok
10:30:58.0896 1308 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:30:58.0896 1308 pcw - ok
10:30:58.0912 1308 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:30:58.0974 1308 PEAUTH - ok
10:30:59.0021 1308 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:30:59.0083 1308 PeerDistSvc - ok
10:30:59.0146 1308 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:30:59.0161 1308 PerfHost - ok
10:30:59.0224 1308 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:30:59.0302 1308 pla - ok
10:30:59.0348 1308 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:30:59.0380 1308 PlugPlay - ok
10:30:59.0380 1308 PnkBstrA - ok
10:30:59.0426 1308 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:30:59.0442 1308 PNRPAutoReg - ok
10:30:59.0458 1308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:30:59.0473 1308 PNRPsvc - ok
10:30:59.0489 1308 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:30:59.0520 1308 PolicyAgent - ok
10:30:59.0551 1308 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:30:59.0598 1308 Power - ok
10:30:59.0645 1308 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:30:59.0692 1308 PptpMiniport - ok
10:30:59.0707 1308 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:30:59.0738 1308 Processor - ok
10:30:59.0770 1308 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:30:59.0801 1308 ProfSvc - ok
10:30:59.0832 1308 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:30:59.0832 1308 ProtectedStorage - ok
10:30:59.0863 1308 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:30:59.0894 1308 Psched - ok
10:30:59.0957 1308 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:31:00.0019 1308 ql2300 - ok
10:31:00.0019 1308 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:31:00.0035 1308 ql40xx - ok
10:31:00.0066 1308 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:31:00.0097 1308 QWAVE - ok
10:31:00.0128 1308 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:31:00.0160 1308 QWAVEdrv - ok
10:31:00.0191 1308 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:31:00.0222 1308 RasAcd - ok
10:31:00.0253 1308 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:31:00.0284 1308 RasAgileVpn - ok
10:31:00.0300 1308 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:31:00.0331 1308 RasAuto - ok
10:31:00.0362 1308 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:31:00.0409 1308 Rasl2tp - ok
10:31:00.0440 1308 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:31:00.0472 1308 RasMan - ok
10:31:00.0472 1308 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:31:00.0503 1308 RasPppoe - ok
10:31:00.0518 1308 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:31:00.0565 1308 RasSstp - ok
10:31:00.0596 1308 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:31:00.0628 1308 rdbss - ok
10:31:00.0643 1308 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:31:00.0659 1308 rdpbus - ok
10:31:00.0674 1308 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:31:00.0721 1308 RDPCDD - ok
10:31:00.0768 1308 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:31:00.0768 1308 RDPDR - ok
10:31:00.0784 1308 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:31:00.0846 1308 RDPENCDD - ok
10:31:00.0846 1308 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:31:00.0877 1308 RDPREFMP - ok
10:31:00.0924 1308 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:31:00.0986 1308 RdpVideoMiniport - ok
10:31:01.0018 1308 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:31:01.0049 1308 RDPWD - ok
10:31:01.0064 1308 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:31:01.0080 1308 rdyboost - ok
10:31:01.0127 1308 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:31:01.0174 1308 RemoteAccess - ok
10:31:01.0205 1308 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:31:01.0236 1308 RemoteRegistry - ok
10:31:01.0236 1308 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:31:01.0267 1308 RpcEptMapper - ok
10:31:01.0298 1308 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:31:01.0314 1308 RpcLocator - ok
10:31:01.0345 1308 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:31:01.0376 1308 RpcSs - ok
10:31:01.0392 1308 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:31:01.0423 1308 rspndr - ok
10:31:01.0454 1308 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:31:01.0470 1308 RTL8167 - ok
10:31:01.0501 1308 [ B674400273552406F11A02387222CD0F ] rzjoystk C:\Windows\system32\DRIVERS\rzjoystk.sys
10:31:01.0532 1308 rzjoystk - ok
10:31:01.0564 1308 [ 95CBC73E98F4A5EF4366DBB4B4E5D436 ] RzSynapse C:\Windows\system32\DRIVERS\RzSynapse.sys
10:31:01.0595 1308 RzSynapse - ok
10:31:01.0626 1308 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:31:01.0642 1308 s3cap - ok
10:31:01.0673 1308 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:31:01.0673 1308 SamSs - ok
10:31:01.0688 1308 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:31:01.0704 1308 sbp2port - ok
10:31:01.0720 1308 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:31:01.0766 1308 SCardSvr - ok
10:31:01.0813 1308 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
10:31:01.0829 1308 SCDEmu - ok
10:31:01.0860 1308 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:31:01.0907 1308 scfilter - ok
10:31:01.0954 1308 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:31:02.0000 1308 Schedule - ok
10:31:02.0032 1308 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:31:02.0047 1308 SCPolicySvc - ok
10:31:02.0094 1308 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:31:02.0110 1308 SDRSVC - ok
10:31:02.0125 1308 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:31:02.0172 1308 secdrv - ok
10:31:02.0203 1308 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:31:02.0234 1308 seclogon - ok
10:31:02.0234 1308 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
10:31:02.0266 1308 SENS - ok
10:31:02.0281 1308 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:31:02.0312 1308 SensrSvc - ok
10:31:02.0312 1308 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:31:02.0328 1308 Serenum - ok
10:31:02.0344 1308 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:31:02.0359 1308 Serial - ok
10:31:02.0359 1308 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:31:02.0375 1308 sermouse - ok
10:31:02.0422 1308 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:31:02.0468 1308 SessionEnv - ok
10:31:02.0468 1308 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:31:02.0484 1308 sffdisk - ok
10:31:02.0500 1308 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:31:02.0500 1308 sffp_mmc - ok
10:31:02.0515 1308 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:31:02.0531 1308 sffp_sd - ok
10:31:02.0546 1308 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:31:02.0546 1308 sfloppy - ok
10:31:02.0593 1308 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:31:02.0640 1308 SharedAccess - ok
10:31:02.0671 1308 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:31:02.0702 1308 ShellHWDetection - ok
10:31:02.0702 1308 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:31:02.0718 1308 SiSRaid2 - ok
10:31:02.0718 1308 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:31:02.0734 1308 SiSRaid4 - ok
10:31:02.0749 1308 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:31:02.0780 1308 Smb - ok
10:31:02.0812 1308 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:31:02.0827 1308 SNMPTRAP - ok
10:31:02.0843 1308 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
10:31:02.0858 1308 speedfan - ok
10:31:02.0858 1308 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:31:02.0874 1308 spldr - ok
10:31:02.0905 1308 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:31:02.0921 1308 Spooler - ok
10:31:02.0999 1308 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:31:03.0092 1308 sppsvc - ok
10:31:03.0108 1308 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:31:03.0155 1308 sppuinotify - ok
10:31:03.0217 1308 [ 9AB59CF736981ED1F83C6AB5FAA8BA5C ] sptd C:\Windows\system32\Drivers\sptd.sys
10:31:03.0233 1308 sptd - ok
10:31:03.0264 1308 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:31:03.0295 1308 srv - ok
10:31:03.0326 1308 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:31:03.0358 1308 srv2 - ok
10:31:03.0373 1308 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:31:03.0389 1308 srvnet - ok
10:31:03.0420 1308 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:31:03.0467 1308 SSDPSRV - ok
10:31:03.0467 1308 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:31:03.0498 1308 SstpSvc - ok
10:31:03.0545 1308 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:31:03.0560 1308 stexstor - ok
10:31:03.0607 1308 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:31:03.0623 1308 stisvc - ok
10:31:03.0654 1308 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:31:03.0670 1308 storflt - ok
10:31:03.0670 1308 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:31:03.0685 1308 storvsc - ok
10:31:03.0701 1308 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:31:03.0701 1308 swenum - ok
10:31:03.0732 1308 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:31:03.0794 1308 swprv - ok
10:31:03.0794 1308 Synth3dVsc - ok
10:31:03.0857 1308 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:31:03.0935 1308 SysMain - ok
10:31:03.0966 1308 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:31:03.0982 1308 TabletInputService - ok
10:31:03.0997 1308 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:31:04.0060 1308 TapiSrv - ok
10:31:04.0091 1308 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:31:04.0122 1308 TBS - ok
10:31:04.0184 1308 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:31:04.0247 1308 Tcpip - ok
10:31:04.0294 1308 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:31:04.0325 1308 TCPIP6 - ok
10:31:04.0356 1308 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:31:04.0403 1308 tcpipreg - ok
10:31:04.0434 1308 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:31:04.0450 1308 TDPIPE - ok
10:31:04.0496 1308 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:31:04.0496 1308 TDTCP - ok
10:31:04.0512 1308 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:31:04.0543 1308 tdx - ok
10:31:04.0559 1308 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:31:04.0559 1308 TermDD - ok
10:31:04.0590 1308 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:31:04.0621 1308 TermService - ok
10:31:04.0637 1308 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:31:04.0652 1308 Themes - ok
10:31:04.0684 1308 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:31:04.0715 1308 THREADORDER - ok
10:31:04.0730 1308 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:31:04.0777 1308 TrkWks - ok
10:31:04.0840 1308 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:31:04.0871 1308 TrustedInstaller - ok
10:31:04.0902 1308 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:31:04.0933 1308 tssecsrv - ok
10:31:04.0949 1308 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:31:04.0964 1308 TsUsbFlt - ok
10:31:04.0980 1308 tsusbhub - ok
10:31:05.0011 1308 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:31:05.0058 1308 tunnel - ok
10:31:05.0089 1308 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:31:05.0105 1308 uagp35 - ok
10:31:05.0183 1308 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:31:05.0245 1308 udfs - ok
10:31:05.0292 1308 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:31:05.0308 1308 UI0Detect - ok
10:31:05.0323 1308 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:31:05.0339 1308 uliagpkx - ok
10:31:05.0386 1308 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:31:05.0432 1308 umbus - ok
10:31:05.0448 1308 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:31:05.0479 1308 UmPass - ok
10:31:05.0510 1308 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
10:31:05.0557 1308 UmRdpService - ok
10:31:05.0620 1308 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:31:05.0682 1308 upnphost - ok
10:31:05.0698 1308 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:31:05.0729 1308 usbaudio - ok
10:31:05.0776 1308 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:31:05.0791 1308 usbccgp - ok
10:31:05.0822 1308 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:31:05.0838 1308 usbcir - ok
10:31:05.0854 1308 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:31:05.0885 1308 usbehci - ok
10:31:05.0963 1308 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:31:05.0994 1308 usbhub - ok
10:31:06.0010 1308 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:31:06.0041 1308 usbohci - ok
10:31:06.0072 1308 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:31:06.0103 1308 usbprint - ok
10:31:06.0134 1308 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:31:06.0166 1308 USBSTOR - ok
10:31:06.0181 1308 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:31:06.0197 1308 usbuhci - ok
10:31:06.0275 1308 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:31:06.0322 1308 UxSms - ok
10:31:06.0337 1308 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:31:06.0353 1308 VaultSvc - ok
10:31:06.0384 1308 [ 03837B80AD5D8A00996148AD57C09791 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
10:31:06.0384 1308 VBoxDrv - ok
10:31:06.0400 1308 [ 51CEE8E2B356FDC351DB20C87F25F5A8 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
10:31:06.0415 1308 VBoxNetAdp - ok
10:31:06.0431 1308 [ CE7E80C7367B2ADAA023D9004C9F4691 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
10:31:06.0431 1308 VBoxNetFlt - ok
10:31:06.0446 1308 [ 9617A5D24439180E9D7DEF202FF79F4A ] VBoxUSB C:\Windows\system32\Drivers\VBoxUSB.sys
10:31:06.0462 1308 VBoxUSB - ok
10:31:06.0493 1308 [ 27C9A9F2FA94140DDCF7B9131E13E1B4 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
10:31:06.0493 1308 VBoxUSBMon - ok
10:31:06.0524 1308 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:31:06.0540 1308 vdrvroot - ok
10:31:06.0571 1308 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:31:06.0618 1308 vds - ok
10:31:06.0618 1308 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:31:06.0634 1308 vga - ok
10:31:06.0649 1308 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:31:06.0696 1308 VgaSave - ok
10:31:06.0696 1308 VGPU - ok
10:31:06.0712 1308 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:31:06.0727 1308 vhdmp - ok
10:31:06.0727 1308 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:31:06.0743 1308 viaide - ok
10:31:06.0774 1308 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:31:06.0774 1308 vmbus - ok
10:31:06.0790 1308 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:31:06.0805 1308 VMBusHID - ok
10:31:06.0821 1308 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:31:06.0821 1308 volmgr - ok
10:31:06.0836 1308 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:31:06.0852 1308 volmgrx - ok
10:31:06.0868 1308 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:31:06.0883 1308 volsnap - ok
10:31:06.0930 1308 [ 1DE8494EB32A68D2140FD120BAB2DE43 ] vseamps C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
10:31:06.0930 1308 vseamps - ok
10:31:06.0961 1308 [ 53604F5091EB1100B930B7E34F593660 ] vsedsps C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
10:31:06.0977 1308 vsedsps - ok
10:31:06.0977 1308 [ 54F18665937F657842BC195BD2CB489C ] vseqrts C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
10:31:06.0992 1308 vseqrts - ok
10:31:07.0008 1308 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:31:07.0008 1308 vsmraid - ok
10:31:07.0055 1308 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:31:07.0133 1308 VSS - ok
10:31:07.0164 1308 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:31:07.0195 1308 vwifibus - ok
10:31:07.0258 1308 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:31:07.0289 1308 W32Time - ok
10:31:07.0304 1308 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:31:07.0320 1308 WacomPen - ok
10:31:07.0351 1308 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:31:07.0398 1308 WANARP - ok
10:31:07.0414 1308 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:31:07.0445 1308 Wanarpv6 - ok
10:31:07.0507 1308 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:31:07.0554 1308 WatAdminSvc - ok
10:31:07.0585 1308 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:31:07.0648 1308 wbengine - ok
10:31:07.0694 1308 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:31:07.0710 1308 WbioSrvc - ok
10:31:07.0726 1308 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:31:07.0741 1308 wcncsvc - ok
10:31:07.0772 1308 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:31:07.0788 1308 WcsPlugInService - ok
10:31:07.0788 1308 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:31:07.0804 1308 Wd - ok
10:31:07.0819 1308 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:31:07.0850 1308 Wdf01000 - ok
10:31:07.0866 1308 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:31:07.0897 1308 WdiServiceHost - ok
10:31:07.0913 1308 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:31:07.0928 1308 WdiSystemHost - ok
10:31:07.0960 1308 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:31:07.0991 1308 WebClient - ok
10:31:08.0038 1308 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:31:08.0084 1308 Wecsvc - ok
10:31:08.0100 1308 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:31:08.0131 1308 wercplsupport - ok
10:31:08.0147 1308 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:31:08.0194 1308 WerSvc - ok
10:31:08.0209 1308 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:31:08.0240 1308 WfpLwf - ok
10:31:08.0256 1308 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:31:08.0272 1308 WIMMount - ok
10:31:08.0303 1308 WinDefend - ok
10:31:08.0303 1308 WinHttpAutoProxySvc - ok
10:31:08.0350 1308 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:31:08.0381 1308 Winmgmt - ok
10:31:08.0459 1308 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys
10:31:08.0459 1308 WinRing0_1_2_0 - ok
10:31:08.0521 1308 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:31:08.0599 1308 WinRM - ok
10:31:08.0630 1308 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:31:08.0646 1308 WinUsb - ok
10:31:08.0662 1308 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:31:08.0708 1308 Wlansvc - ok
10:31:08.0786 1308 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:31:08.0849 1308 wlidsvc - ok
10:31:08.0880 1308 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:31:08.0911 1308 WmiAcpi - ok
10:31:08.0958 1308 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:31:08.0974 1308 wmiApSrv - ok
10:31:09.0052 1308 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm c:\Program Files\Zune\WMZuneComm.exe
10:31:09.0067 1308 WMZuneComm - ok
10:31:09.0098 1308 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:31:09.0098 1308 WPCSvc - ok
10:31:09.0130 1308 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:31:09.0145 1308 WPDBusEnum - ok
10:31:09.0176 1308 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:31:09.0208 1308 ws2ifsl - ok
10:31:09.0223 1308 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
10:31:09.0254 1308 wscsvc - ok
10:31:09.0254 1308 WSearch - ok
10:31:09.0332 1308 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:31:09.0395 1308 wuauserv - ok
10:31:09.0426 1308 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:31:09.0473 1308 WudfPf - ok
10:31:09.0504 1308 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:31:09.0551 1308 WUDFRd - ok
10:31:09.0598 1308 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:31:09.0629 1308 wudfsvc - ok
10:31:09.0660 1308 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:31:09.0691 1308 WwanSvc - ok
10:31:09.0754 1308 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
10:31:09.0769 1308 xnacc - ok
10:31:09.0800 1308 [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
10:31:09.0816 1308 xusb21 - ok
10:31:09.0941 1308 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe
10:31:10.0128 1308 ZuneNetworkSvc - ok
10:31:10.0159 1308 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc c:\Program Files\Zune\ZuneWlanCfgSvc.exe
10:31:10.0175 1308 ZuneWlanCfgSvc - ok
10:31:10.0190 1308 ================ Scan global ===============================
10:31:10.0237 1308 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:31:10.0268 1308 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:31:10.0268 1308 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:31:10.0300 1308 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:31:10.0315 1308 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:31:10.0315 1308 [Global] - ok
10:31:10.0315 1308 ================ Scan MBR ==================================
10:31:10.0331 1308 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:31:10.0705 1308 \Device\Harddisk0\DR0 - ok
10:31:10.0752 1308 [ 5F549E0A200B7179806806E6C0CF098C ] \Device\Harddisk1\DR1
10:32:41.0825 1308 \Device\Harddisk1\DR1 - ok
10:32:41.0825 1308 ================ Scan VBR ==================================
10:32:41.0825 1308 [ 04CF8EA60793E0609F45F133763776C1 ] \Device\Harddisk0\DR0\Partition1
10:32:41.0825 1308 \Device\Harddisk0\DR0\Partition1 - ok
10:32:41.0840 1308 [ 98DAB75CECA5A0CC54F74BFE5E7F630B ] \Device\Harddisk0\DR0\Partition2
10:32:41.0840 1308 \Device\Harddisk0\DR0\Partition2 - ok
10:32:41.0856 1308 [ BE06008EBE54E11C32499F9A944D9B85 ] \Device\Harddisk1\DR1\Partition1
10:32:41.0856 1308 \Device\Harddisk1\DR1\Partition1 - ok
10:32:41.0856 1308 ============================================================
10:32:41.0856 1308 Scan finished
10:32:41.0856 1308 ============================================================
10:32:41.0872 1300 Detected object count: 3
10:32:41.0872 1300 Actual detected object count: 3
10:35:13.0582 1300 HtcUsbMdmV64 ( UnsignedFile.Multi.Generic ) - skipped by user
10:35:13.0582 1300 HtcUsbMdmV64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:35:13.0582 1300 HtcVCom32 ( UnsignedFile.Multi.Generic ) - skipped by user
10:35:13.0582 1300 HtcVCom32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:35:13.0582 1300 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:35:13.0582 1300 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:35:48.0822 1624 ============================================================
10:35:48.0822 1624 Scan started
10:35:48.0822 1624 Mode: Manual; SigCheck; TDLFS;
10:35:48.0822 1624 ============================================================
10:35:49.0259 1624 ================ Scan system memory ========================
10:35:49.0259 1624 System memory - ok
10:35:49.0259 1624 ================ Scan services =============================
10:35:49.0352 1624 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
10:35:49.0368 1624 1394ohci - ok
10:35:49.0399 1624 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:35:49.0415 1624 ACPI - ok
10:35:49.0430 1624 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:35:49.0446 1624 AcpiPmi - ok
10:35:49.0524 1624 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:35:49.0524 1624 AdobeARMservice - ok
10:35:49.0602 1624 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:35:49.0618 1624 AdobeFlashPlayerUpdateSvc - ok
10:35:49.0633 1624 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:35:49.0649 1624 adp94xx - ok
10:35:49.0664 1624 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:35:49.0680 1624 adpahci - ok
10:35:49.0680 1624 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:35:49.0696 1624 adpu320 - ok
10:35:49.0711 1624 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:35:49.0742 1624 AeLookupSvc - ok
10:35:49.0774 1624 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:35:49.0789 1624 AFD - ok
10:35:49.0820 1624 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:35:49.0836 1624 agp440 - ok
10:35:49.0867 1624 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:35:49.0883 1624 ALG - ok
10:35:49.0883 1624 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:35:49.0898 1624 aliide - ok
10:35:49.0914 1624 [ B3E801135E0C81733542C14D9AA8120A ] Alpham1 C:\Windows\system32\DRIVERS\Alpham164.sys
10:35:49.0914 1624 Alpham1 - ok
10:35:49.0930 1624 [ 6493983FEDBC49D9112703ECE9B251FE ] Alpham2 C:\Windows\system32\DRIVERS\Alpham264.sys
10:35:49.0930 1624 Alpham2 - ok
10:35:49.0945 1624 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:35:49.0961 1624 AMD External Events Utility - ok
10:35:49.0976 1624 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:35:49.0976 1624 amdide - ok
10:35:49.0992 1624 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:35:49.0992 1624 AmdK8 - ok
10:35:50.0164 1624 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:35:50.0273 1624 amdkmdag - ok
10:35:50.0304 1624 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:35:50.0320 1624 amdkmdap - ok
10:35:50.0320 1624 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:35:50.0335 1624 AmdPPM - ok
10:35:50.0351 1624 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:35:50.0366 1624 amdsata - ok
10:35:50.0366 1624 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:35:50.0382 1624 amdsbs - ok
10:35:50.0413 1624 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:35:50.0429 1624 amdxata - ok
10:35:50.0460 1624 [ 7FF52FD7CB32FBEBA5960E8F9621D734 ] AMP C:\Windows\system32\Drivers\amp.sys
10:35:50.0460 1624 AMP - ok
10:35:50.0491 1624 [ 6221E6DE43BBBD96C122F0EDD0139809 ] AMPSE C:\Windows\system32\Drivers\ampse.sys
10:35:50.0522 1624 AMPSE - ok
10:35:50.0554 1624 [ 30682A098E12E2C85FA65518E1618195 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
10:35:50.0569 1624 AnyDVD - ok
10:35:50.0585 1624 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:35:50.0616 1624 AppID - ok
10:35:50.0632 1624 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:35:50.0663 1624 AppIDSvc - ok
10:35:50.0694 1624 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:35:50.0725 1624 Appinfo - ok
10:35:50.0772 1624 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:35:50.0788 1624 Apple Mobile Device - ok
10:35:50.0803 1624 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
10:35:50.0819 1624 AppMgmt - ok
10:35:50.0834 1624 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:35:50.0834 1624 arc - ok
10:35:50.0850 1624 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:35:50.0850 1624 arcsas - ok
10:35:50.0944 1624 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:35:50.0944 1624 aspnet_state - ok
10:35:50.0975 1624 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:35:50.0990 1624 AsyncMac - ok
10:35:51.0022 1624 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:35:51.0037 1624 atapi - ok
10:35:51.0068 1624 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:35:51.0068 1624 AtiHDAudioService - ok
10:35:51.0100 1624 [ 54494B93BB5AD74C807100144EC30D64 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
10:35:51.0115 1624 atksgt - ok
10:35:51.0162 1624 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:35:51.0193 1624 AudioEndpointBuilder - ok
10:35:51.0209 1624 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:35:51.0240 1624 AudioSrv - ok
10:35:51.0271 1624 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:35:51.0287 1624 AxInstSV - ok
10:35:51.0318 1624 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:35:51.0334 1624 b06bdrv - ok
10:35:51.0349 1624 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:35:51.0349 1624 b57nd60a - ok
10:35:51.0396 1624 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:35:51.0412 1624 BDESVC - ok
10:35:51.0412 1624 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:35:51.0443 1624 Beep - ok
10:35:51.0474 1624 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:35:51.0521 1624 BFE - ok
10:35:51.0536 1624 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
10:35:51.0568 1624 BITS - ok
10:35:51.0599 1624 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:35:51.0599 1624 blbdrive - ok
10:35:51.0646 1624 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:35:51.0646 1624 Bonjour Service - ok
10:35:51.0677 1624 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:35:51.0692 1624 bowser - ok
10:35:51.0692 1624 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:35:51.0708 1624 BrFiltLo - ok
10:35:51.0708 1624 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:35:51.0724 1624 BrFiltUp - ok
10:35:51.0755 1624 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:35:51.0770 1624 Browser - ok
10:35:51.0786 1624 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:35:51.0786 1624 Brserid - ok
10:35:51.0802 1624 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:35:51.0817 1624 BrSerWdm - ok
10:35:51.0817 1624 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:35:51.0833 1624 BrUsbMdm - ok
10:35:51.0833 1624 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:35:51.0848 1624 BrUsbSer - ok
10:35:51.0848 1624 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:35:51.0864 1624 BTHMODEM - ok
10:35:51.0895 1624 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:35:51.0926 1624 bthserv - ok
10:35:51.0942 1624 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
10:35:51.0942 1624 BVRPMPR5a64 - ok
10:35:51.0958 1624 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:35:51.0989 1624 cdfs - ok
10:35:52.0020 1624 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:35:52.0036 1624 cdrom - ok
10:35:52.0051 1624 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:35:52.0082 1624 CertPropSvc - ok
10:35:52.0082 1624 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:35:52.0098 1624 circlass - ok
10:35:52.0114 1624 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:35:52.0129 1624 CLFS - ok
10:35:52.0192 1624 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:35:52.0207 1624 clr_optimization_v2.0.50727_32 - ok
10:35:52.0238 1624 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:35:52.0238 1624 clr_optimization_v2.0.50727_64 - ok
10:35:52.0285 1624 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:35:52.0301 1624 clr_optimization_v4.0.30319_32 - ok
10:35:52.0301 1624 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:35:52.0316 1624 clr_optimization_v4.0.30319_64 - ok
10:35:52.0316 1624 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:35:52.0332 1624 CmBatt - ok
10:35:52.0332 1624 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:35:52.0348 1624 cmdide - ok
10:35:52.0379 1624 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:35:52.0394 1624 CNG - ok
10:35:52.0441 1624 [ 66AC4FDAD5A2D4FF4E3DB41810B39DE2 ] COMMONFX.DLL C:\Windows\system32\COMMONFX.DLL
10:35:52.0457 1624 COMMONFX.DLL - ok
10:35:52.0457 1624 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:35:52.0472 1624 Compbatt - ok
10:35:52.0504 1624 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:35:52.0519 1624 CompositeBus - ok
10:35:52.0519 1624 COMSysApp - ok
10:35:52.0550 1624 [ 262969A3FAB32B9E17E63E2D17A57744 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
10:35:52.0566 1624 cpuz135 - ok
10:35:52.0566 1624 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:35:52.0582 1624 crcdisk - ok
10:35:52.0613 1624 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:35:52.0613 1624 CryptSvc - ok
10:35:52.0660 1624 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
10:35:52.0675 1624 CSC - ok
10:35:52.0691 1624 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
10:35:52.0706 1624 CscService - ok
10:35:52.0738 1624 [ 01BBD5CB85423B12E445209D243A49A9 ] CT20XUT.DLL C:\Windows\system32\CT20XUT.DLL
10:35:52.0753 1624 CT20XUT.DLL - ok
10:35:52.0769 1624 [ B81C989C6D3B770F44316A3DC5F607B3 ] ctac32k C:\Windows\system32\drivers\ctac32k.sys
10:35:52.0784 1624 ctac32k - ok
10:35:52.0800 1624 [ 7321BD704CC3B34B78F8574E64258F39 ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys
10:35:52.0816 1624 ctaud2k - ok
10:35:52.0847 1624 [ E873319F281115EBEA75E519C5B4D0C4 ] CTAUDFX.DLL C:\Windows\system32\CTAUDFX.DLL
10:35:52.0862 1624 CTAUDFX.DLL - ok
10:35:52.0878 1624 [ 06300545BEDF49B6A51FDFE1861F9CAF ] CTEAPSFX.DLL C:\Windows\system32\CTEAPSFX.DLL
10:35:52.0894 1624 CTEAPSFX.DLL - ok
10:35:52.0894 1624 [ 2D902F8EC247F0ED0D458CDCAF786544 ] CTEDSPFX.DLL C:\Windows\system32\CTEDSPFX.DLL
10:35:52.0909 1624 CTEDSPFX.DLL - ok
10:35:52.0925 1624 [ 0D3F99CDA2BEA14E4911A698441F1A29 ] CTEDSPIO.DLL C:\Windows\system32\CTEDSPIO.DLL
10:35:52.0925 1624 CTEDSPIO.DLL - ok
10:35:52.0940 1624 [ 9D26AA450AC1CAADDE25F1621BA89842 ] CTEDSPSY.DLL C:\Windows\system32\CTEDSPSY.DLL
10:35:52.0956 1624 CTEDSPSY.DLL - ok
10:35:52.0956 1624 [ E5F88DAD5EC69665DFA3E5E87791F800 ] CTERFXFX.DLL C:\Windows\system32\CTERFXFX.DLL
10:35:52.0972 1624 CTERFXFX.DLL - ok
10:35:52.0987 1624 [ FA6DCA331835997D2F7C83B9AAABC4BB ] CTEXFIFX.DLL C:\Windows\system32\CTEXFIFX.DLL
10:35:53.0018 1624 CTEXFIFX.DLL - ok
10:35:53.0018 1624 [ 9E6A0A3CA3825BB568D42F5F3CB09453 ] CTHWIUT.DLL C:\Windows\system32\CTHWIUT.DLL
10:35:53.0034 1624 CTHWIUT.DLL - ok
10:35:53.0050 1624 [ 6A05134810301FA6FDD6E95583A91F35 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys
10:35:53.0050 1624 ctprxy2k - ok
10:35:53.0081 1624 [ 99047FCEBAB495410CD58AB17284720A ] CTSBLFX.DLL C:\Windows\system32\CTSBLFX.DLL
10:35:53.0096 1624 CTSBLFX.DLL - ok
10:35:53.0112 1624 [ F792246CF9D8EE17F2B32E9069415CDD ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys
10:35:53.0112 1624 ctsfm2k - ok
10:35:53.0174 1624 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:35:53.0206 1624 DcomLaunch - ok
10:35:53.0221 1624 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:35:53.0252 1624 defragsvc - ok
10:35:53.0284 1624 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:35:53.0315 1624 DfsC - ok
10:35:53.0330 1624 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:35:53.0362 1624 Dhcp - ok
10:35:53.0377 1624 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:35:53.0408 1624 discache - ok
10:35:53.0424 1624 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:35:53.0424 1624 Disk - ok
10:35:53.0455 1624 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:35:53.0471 1624 Dnscache - ok
10:35:53.0502 1624 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:35:53.0533 1624 dot3svc - ok
10:35:53.0564 1624 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:35:53.0596 1624 DPS - ok
10:35:53.0689 1624 [ 11D030A18B4CA496B8691278511B3AB5 ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
10:35:53.0720 1624 DragonUpdater - ok
10:35:53.0767 1624 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:35:53.0767 1624 drmkaud - ok
10:35:53.0830 1624 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:35:53.0845 1624 DXGKrnl - ok
10:35:53.0876 1624 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:35:53.0908 1624 EapHost - ok
10:35:53.0986 1624 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:35:54.0032 1624 ebdrv - ok
10:35:54.0079 1624 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:35:54.0079 1624 EFS - ok
10:35:54.0110 1624 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:35:54.0142 1624 ehRecvr - ok
10:35:54.0157 1624 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:35:54.0157 1624 ehSched - ok
10:35:54.0188 1624 [ 9387A484D31209D7FC3F795A787294DB ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys
10:35:54.0204 1624 ElbyCDFL - ok
10:35:54.0235 1624 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
10:35:54.0235 1624 ElbyCDIO - ok
10:35:54.0266 1624 [ F21A07780BBD64ADEF872F50E8CE2E75 ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
10:35:54.0282 1624 ElRawDisk - ok
10:35:54.0298 1624 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:35:54.0298 1624 elxstor - ok
10:35:54.0313 1624 [ 1E2F860D9521FB73566C85CD17D58291 ] emupia C:\Windows\system32\drivers\emupia2k.sys
10:35:54.0329 1624 emupia - ok
10:35:54.0329 1624 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:35:54.0344 1624 ErrDev - ok
10:35:54.0376 1624 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:35:54.0407 1624 EventSystem - ok
10:35:54.0422 1624 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:35:54.0454 1624 exfat - ok
10:35:54.0485 1624 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:35:54.0516 1624 fastfat - ok
10:35:54.0563 1624 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:35:54.0578 1624 Fax - ok
10:35:54.0578 1624 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:35:54.0594 1624 fdc - ok
10:35:54.0610 1624 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:35:54.0641 1624 fdPHost - ok
10:35:54.0656 1624 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:35:54.0688 1624 FDResPub - ok
10:35:54.0703 1624 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:35:54.0703 1624 FileInfo - ok
10:35:54.0719 1624 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:35:54.0750 1624 Filetrace - ok
10:35:54.0750 1624 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:35:54.0766 1624 flpydisk - ok
10:35:54.0797 1624 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:35:54.0812 1624 FltMgr - ok
10:35:54.0844 1624 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:35:54.0875 1624 FontCache - ok
10:35:54.0922 1624 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:35:54.0922 1624 FontCache3.0.0.0 - ok
10:35:54.0953 1624 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:35:54.0968 1624 FsDepends - ok
10:35:55.0000 1624 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:35:55.0000 1624 Fs_Rec - ok
10:35:55.0015 1624 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:35:55.0031 1624 fvevol - ok
10:35:55.0046 1624 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:35:55.0046 1624 gagp30kx - ok
10:35:55.0078 1624 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:35:55.0093 1624 GEARAspiWDM - ok
10:35:55.0124 1624 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:35:55.0156 1624 gpsvc - ok
10:35:55.0202 1624 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:35:55.0202 1624 gupdate - ok
10:35:55.0218 1624 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:35:55.0218 1624 gupdatem - ok
10:35:55.0280 1624 [ B3F220AD6EEDDC2546780B84A8919B7A ] ha10kx2k C:\Windows\system32\drivers\ha10kx2k.sys
10:35:55.0296 1624 ha10kx2k - ok
10:35:55.0312 1624 [ 5D6AEC608B871CC2C724114F34CAD3C8 ] hap16v2k C:\Windows\system32\drivers\hap16v2k.sys
10:35:55.0327 1624 hap16v2k - ok
10:35:55.0327 1624 [ B95BA8D7EA73A47FAC3A59CF4A3B3043 ] hap17v2k C:\Windows\system32\drivers\hap17v2k.sys
10:35:55.0343 1624 hap17v2k - ok
10:35:55.0358 1624 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:35:55.0358 1624 hcw85cir - ok
10:35:55.0390 1624 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:35:55.0405 1624 HdAudAddService - ok
10:35:55.0452 1624 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:35:55.0468 1624 HDAudBus - ok
10:35:55.0468 1624 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:35:55.0483 1624 HidBatt - ok
10:35:55.0499 1624 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:35:55.0499 1624 HidBth - ok
10:35:55.0514 1624 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:35:55.0530 1624 HidIr - ok
10:35:55.0546 1624 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
10:35:55.0577 1624 hidserv - ok
10:35:55.0592 1624 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:35:55.0592 1624 HidUsb - ok
10:35:55.0624 1624 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:35:55.0655 1624 hkmsvc - ok
10:35:55.0686 1624 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:35:55.0686 1624 HomeGroupListener - ok
10:35:55.0717 1624 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:35:55.0717 1624 HomeGroupProvider - ok
10:35:55.0733 1624 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:35:55.0733 1624 HpSAMD - ok
10:35:55.0748 1624 [ 7C7C986776D00E575BFBDE5DCBDC615D ] HtcUsbMdmV64 C:\Windows\system32\DRIVERS\HtcUsbMdmV64.sys
10:35:55.0764 1624 HtcUsbMdmV64 ( UnsignedFile.Multi.Generic ) - warning
10:35:55.0764 1624 HtcUsbMdmV64 - detected UnsignedFile.Multi.Generic (1)
10:35:55.0764 1624 [ 7C7C986776D00E575BFBDE5DCBDC615D ] HtcVCom32 C:\Windows\system32\DRIVERS\HtcVComV64.sys
10:35:55.0780 1624 HtcVCom32 ( UnsignedFile.Multi.Generic ) - warning
10:35:55.0780 1624 HtcVCom32 - detected UnsignedFile.Multi.Generic (1)
10:35:55.0795 1624 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:35:55.0826 1624 HTTP - ok
10:35:55.0858 1624 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:35:55.0858 1624 hwpolicy - ok
10:35:55.0873 1624 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:35:55.0889 1624 i8042prt - ok
10:35:55.0904 1624 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:35:55.0920 1624 iaStorV - ok
10:35:55.0982 1624 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:35:55.0982 1624 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:35:55.0982 1624 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:35:56.0060 1624 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:35:56.0076 1624 idsvc - ok
10:35:56.0107 1624 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:35:56.0107 1624 iirsp - ok
10:35:56.0138 1624 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:35:56.0170 1624 IKEEXT - ok
10:35:56.0232 1624 [ BC64B75E8E0A0B8982AB773483164E72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:35:56.0263 1624 IntcAzAudAddService - ok
10:35:56.0263 1624 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:35:56.0279 1624 intelide - ok
10:35:56.0294 1624 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:35:56.0294 1624 intelppm - ok
10:35:56.0326 1624 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:35:56.0357 1624 IPBusEnum - ok
10:35:56.0388 1624 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:35:56.0404 1624 IpFilterDriver - ok
10:35:56.0450 1624 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:35:56.0482 1624 iphlpsvc - ok
10:35:56.0482 1624 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:35:56.0497 1624 IPMIDRV - ok
10:35:56.0497 1624 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:35:56.0528 1624 IPNAT - ok
10:35:56.0575 1624 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:35:56.0591 1624 iPod Service - ok
10:35:56.0606 1624 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:35:56.0606 1624 IRENUM - ok
10:35:56.0622 1624 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:35:56.0622 1624 isapnp - ok
10:35:56.0669 1624 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:35:56.0669 1624 iScsiPrt - ok
10:35:56.0700 1624 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:35:56.0716 1624 kbdclass - ok
10:35:56.0731 1624 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:35:56.0731 1624 kbdhid - ok
10:35:56.0747 1624 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:35:56.0762 1624 KeyIso - ok
10:35:56.0794 1624 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:35:56.0794 1624 KSecDD - ok
10:35:56.0825 1624 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:35:56.0840 1624 KSecPkg - ok
10:35:56.0840 1624 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:35:56.0872 1624 ksthunk - ok
10:35:56.0887 1624 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:35:56.0918 1624 KtmRm - ok
10:35:56.0950 1624 [ A6FE2E63441094074F57243FB0FDB45A ] L8042mou C:\Windows\system32\DRIVERS\L8042mou.Sys
10:35:56.0965 1624 L8042mou - ok
10:35:56.0981 1624 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
10:35:57.0012 1624 LanmanServer - ok
10:35:57.0012 1624 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:35:57.0043 1624 LanmanWorkstation - ok
10:35:57.0106 1624 [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
10:35:57.0106 1624 LBTServ - ok
10:35:57.0137 1624 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
10:35:57.0152 1624 LHidFilt - ok
10:35:57.0184 1624 [ 5EA407821BB3104C31A705175AB4F309 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
10:35:57.0184 1624 lirsgt - ok
10:35:57.0199 1624 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:35:57.0230 1624 lltdio - ok
10:35:57.0262 1624 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:35:57.0293 1624 lltdsvc - ok
10:35:57.0308 1624 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:35:57.0340 1624 lmhosts - ok
10:35:57.0355 1624 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
10:35:57.0371 1624 LMouFilt - ok
10:35:57.0371 1624 [ F518C34C137348B7DBE5343ACC646A1C ] LMouKE C:\Windows\system32\DRIVERS\LMouKE.Sys
10:35:57.0386 1624 LMouKE - ok
10:35:57.0418 1624 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:35:57.0433 1624 LSI_FC - ok
10:35:57.0433 1624 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:35:57.0449 1624 LSI_SAS - ok
10:35:57.0449 1624 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:35:57.0464 1624 LSI_SAS2 - ok
10:35:57.0464 1624 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:35:57.0480 1624 LSI_SCSI - ok
10:35:57.0511 1624 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:35:57.0542 1624 luafv - ok
10:35:57.0574 1624 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
10:35:57.0589 1624 mcdbus - ok
10:35:57.0620 1624 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:35:57.0620 1624 Mcx2Svc - ok
10:35:57.0636 1624 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:35:57.0652 1624 megasas - ok
10:35:57.0652 1624 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:35:57.0667 1624 MegaSR - ok
10:35:57.0714 1624 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:35:57.0745 1624 MMCSS - ok
10:35:57.0745 1624 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:35:57.0776 1624 Modem - ok
10:35:57.0808 1624 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:35:57.0823 1624 monitor - ok
10:35:57.0839 1624 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:35:57.0854 1624 mouclass - ok
10:35:57.0870 1624 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:35:57.0886 1624 mouhid - ok
10:35:57.0917 1624 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:35:57.0932 1624 mountmgr - ok
10:35:57.0995 1624 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:35:57.0995 1624 MozillaMaintenance - ok
10:35:58.0010 1624 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:35:58.0026 1624 mpio - ok
10:35:58.0042 1624 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:35:58.0057 1624 mpsdrv - ok
10:35:58.0104 1624 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:35:58.0135 1624 MpsSvc - ok
10:35:58.0166 1624 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:35:58.0182 1624 MRxDAV - ok
10:35:58.0198 1624 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:35:58.0213 1624 mrxsmb - ok
10:35:58.0244 1624 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:35:58.0260 1624 mrxsmb10 - ok
10:35:58.0276 1624 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:35:58.0276 1624 mrxsmb20 - ok
10:35:58.0291 1624 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:35:58.0307 1624 msahci - ok
10:35:58.0307 1624 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:35:58.0322 1624 msdsm - ok
10:35:58.0338 1624 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:35:58.0354 1624 MSDTC - ok
10:35:58.0369 1624 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:35:58.0400 1624 Msfs - ok
10:35:58.0416 1624 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:35:58.0432 1624 mshidkmdf - ok
10:35:58.0447 1624 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:35:58.0463 1624 msisadrv - ok
10:35:58.0494 1624 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:35:58.0525 1624 MSiSCSI - ok
10:35:58.0525 1624 msiserver - ok
10:35:58.0541 1624 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:35:58.0572 1624 MSKSSRV - ok
10:35:58.0572 1624 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:35:58.0603 1624 MSPCLOCK - ok
10:35:58.0603 1624 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:35:58.0634 1624 MSPQM - ok
10:35:58.0681 1624 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:35:58.0697 1624 MsRPC - ok
10:35:58.0712 1624 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:35:58.0712 1624 mssmbios - ok
10:35:58.0712 1624 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:35:58.0744 1624 MSTEE - ok
10:35:58.0759 1624 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:35:58.0775 1624 MTConfig - ok
10:35:58.0790 1624 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:35:58.0790 1624 Mup - ok
10:35:58.0822 1624 [ A906B08944EF1BEC17AE306E9FDB35D0 ] mv2 C:\Windows\system32\DRIVERS\mv2.sys
10:35:58.0837 1624 mv2 - ok
10:35:58.0868 1624 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:35:58.0900 1624 napagent - ok
10:35:58.0915 1624 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:35:58.0931 1624 NativeWifiP - ok
10:35:58.0978 1624 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:35:59.0009 1624 NDIS - ok
10:35:59.0056 1624 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:35:59.0071 1624 NdisCap - ok
10:35:59.0087 1624 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:35:59.0118 1624 NdisTapi - ok
10:35:59.0149 1624 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:35:59.0180 1624 Ndisuio - ok
10:35:59.0212 1624 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:35:59.0243 1624 NdisWan - ok
10:35:59.0274 1624 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:35:59.0290 1624 NDProxy - ok
10:35:59.0305 1624 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:35:59.0336 1624 NetBIOS - ok
10:35:59.0352 1624 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:35:59.0383 1624 NetBT - ok
10:35:59.0399 1624 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:35:59.0414 1624 Netlogon - ok
10:35:59.0446 1624 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:35:59.0477 1624 Netman - ok
10:35:59.0508 1624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:35:59.0524 1624 NetMsmqActivator - ok
10:35:59.0524 1624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:35:59.0539 1624 NetPipeActivator - ok
10:35:59.0555 1624 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:35:59.0586 1624 netprofm - ok
10:35:59.0602 1624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:35:59.0602 1624 NetTcpActivator - ok
10:35:59.0602 1624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:35:59.0617 1624 NetTcpPortSharing - ok
10:35:59.0648 1624 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:35:59.0648 1624 nfrd960 - ok
10:35:59.0695 1624 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:35:59.0726 1624 NlaSvc - ok
10:35:59.0742 1624 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:35:59.0773 1624 Npfs - ok
10:35:59.0789 1624 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:35:59.0804 1624 nsi - ok
10:35:59.0820 1624 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:35:59.0851 1624 nsiproxy - ok
10:35:59.0898 1624 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:35:59.0929 1624 Ntfs - ok
10:35:59.0945 1624 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:35:59.0976 1624 Null - ok
10:36:00.0210 1624 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:36:00.0382 1624 nvlddmkm - ok
10:36:00.0382 1624 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:36:00.0397 1624 nvraid - ok
10:36:00.0428 1624 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:36:00.0444 1624 nvstor - ok
10:36:00.0491 1624 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:36:00.0491 1624 nv_agp - ok
10:36:00.0506 1624 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:36:00.0522 1624 ohci1394 - ok
10:36:00.0538 1624 [ 678CC7DCF607BBD69A9F9333D39C2F1D ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
10:36:00.0538 1624 ossrv - ok
10:36:00.0584 1624 [ 80C30F531A54AE2846DC8F869010F51E ] OverwolfUpdaterService C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
10:36:00.0584 1624 OverwolfUpdaterService - ok
10:36:00.0616 1624 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:36:00.0616 1624 p2pimsvc - ok
10:36:00.0647 1624 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:36:00.0647 1624 p2psvc - ok
10:36:00.0662 1624 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:36:00.0678 1624 Parport - ok
10:36:00.0694 1624 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:36:00.0709 1624 partmgr - ok
10:36:00.0725 1624 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:36:00.0740 1624 PcaSvc - ok
10:36:00.0756 1624 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:36:00.0772 1624 pci - ok
10:36:00.0772 1624 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:36:00.0787 1624 pciide - ok
10:36:00.0787 1624 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:36:00.0803 1624 pcmcia - ok
10:36:00.0834 1624 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:36:00.0834 1624 pcw - ok
10:36:00.0850 1624 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:36:00.0881 1624 PEAUTH - ok
10:36:00.0928 1624 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:36:00.0959 1624 PeerDistSvc - ok
10:36:01.0006 1624 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:36:01.0021 1624 PerfHost - ok
10:36:01.0068 1624 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:36:01.0115 1624 pla - ok
10:36:01.0146 1624 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:36:01.0146 1624 PlugPlay - ok
10:36:01.0162 1624 PnkBstrA - ok
10:36:01.0177 1624 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:36:01.0193 1624 PNRPAutoReg - ok
10:36:01.0208 1624 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:36:01.0224 1624 PNRPsvc - ok
10:36:01.0240 1624 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:36:01.0271 1624 PolicyAgent - ok
10:36:01.0302 1624 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:36:01.0333 1624 Power - ok
10:36:01.0349 1624 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:36:01.0380 1624 PptpMiniport - ok
10:36:01.0396 1624 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:36:01.0411 1624 Processor - ok
10:36:01.0458 1624 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:36:01.0458 1624 ProfSvc - ok
10:36:01.0474 1624 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:36:01.0489 1624 ProtectedStorage - ok
10:36:01.0520 1624 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:36:01.0536 1624 Psched - ok
10:36:01.0598 1624 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:36:01.0630 1624 ql2300 - ok
10:36:01.0630 1624 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:36:01.0645 1624 ql40xx - ok
10:36:01.0676 1624 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:36:01.0692 1624 QWAVE - ok
10:36:01.0692 1624 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:36:01.0708 1624 QWAVEdrv - ok
10:36:01.0723 1624 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:36:01.0754 1624 RasAcd - ok
10:36:01.0770 1624 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:36:01.0801 1624 RasAgileVpn - ok
10:36:01.0801 1624 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:36:01.0848 1624 RasAuto - ok
10:36:01.0848 1624 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:36:01.0879 1624 Rasl2tp - ok
10:36:01.0895 1624 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:36:01.0926 1624 RasMan - ok
10:36:01.0942 1624 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:36:01.0973 1624 RasPppoe - ok
10:36:01.0988 1624 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:36:02.0020 1624 RasSstp - ok
10:36:02.0035 1624 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:36:02.0066 1624 rdbss - ok
10:36:02.0082 1624 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:36:02.0082 1624 rdpbus - ok
10:36:02.0098 1624 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:36:02.0129 1624 RDPCDD - ok
10:36:02.0160 1624 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:36:02.0176 1624 RDPDR - ok
10:36:02.0176 1624 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:36:02.0207 1624 RDPENCDD - ok
10:36:02.0222 1624 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:36:02.0254 1624 RDPREFMP - ok
10:36:02.0285 1624 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:36:02.0300 1624 RdpVideoMiniport - ok
10:36:02.0332 1624 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:36:02.0347 1624 RDPWD - ok
10:36:02.0378 1624 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:36:02.0394 1624 rdyboost - ok
10:36:02.0410 1624 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:36:02.0441 1624 RemoteAccess - ok
10:36:02.0456 1624 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:36:02.0472 1624 RemoteRegistry - ok
10:36:02.0488 1624 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:36:02.0519 1624 RpcEptMapper - ok
10:36:02.0519 1624 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:36:02.0534 1624 RpcLocator - ok
10:36:02.0566 1624 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:36:02.0597 1624 RpcSs - ok
10:36:02.0612 1624 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:36:02.0644 1624 rspndr - ok
10:36:02.0675 1624 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:36:02.0690 1624 RTL8167 - ok
10:36:02.0722 1624 [ B674400273552406F11A02387222CD0F ] rzjoystk C:\Windows\system32\DRIVERS\rzjoystk.sys
10:36:02.0722 1624 rzjoystk - ok
10:36:02.0768 1624 [ 95CBC73E98F4A5EF4366DBB4B4E5D436 ] RzSynapse C:\Windows\system32\DRIVERS\RzSynapse.sys
10:36:02.0768 1624 RzSynapse - ok
10:36:02.0831 1624 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:36:02.0831 1624 s3cap - ok
10:36:02.0862 1624 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:36:02.0878 1624 SamSs - ok
10:36:02.0878 1624 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:36:02.0893 1624 sbp2port - ok
10:36:02.0909 1624 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:36:02.0940 1624 SCardSvr - ok
10:36:02.0971 1624 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
10:36:02.0987 1624 SCDEmu - ok
10:36:03.0018 1624 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:36:03.0049 1624 scfilter - ok
10:36:03.0096 1624 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:36:03.0127 1624 Schedule - ok
10:36:03.0158 1624 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:36:03.0174 1624 SCPolicySvc - ok
10:36:03.0221 1624 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:36:03.0221 1624 SDRSVC - ok
10:36:03.0236 1624 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:36:03.0268 1624 secdrv - ok
10:36:03.0283 1624 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:36:03.0314 1624 seclogon - ok
10:36:03.0330 1624 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
10:36:03.0361 1624 SENS - ok
10:36:03.0361 1624 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:36:03.0377 1624 SensrSvc - ok
10:36:03.0377 1624 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:36:03.0392 1624 Serenum - ok
10:36:03.0392 1624 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:36:03.0408 1624 Serial - ok
10:36:03.0424 1624 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:36:03.0424 1624 sermouse - ok
10:36:03.0486 1624 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:36:03.0517 1624 SessionEnv - ok
10:36:03.0517 1624 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:36:03.0533 1624 sffdisk - ok
10:36:03.0533 1624 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:36:03.0548 1624 sffp_mmc - ok
10:36:03.0548 1624 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:36:03.0564 1624 sffp_sd - ok
10:36:03.0564 1624 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:36:03.0580 1624 sfloppy - ok
10:36:03.0611 1624 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:36:03.0642 1624 SharedAccess - ok
10:36:03.0658 1624 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:36:03.0689 1624 ShellHWDetection - ok
10:36:03.0689 1624 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:36:03.0704 1624 SiSRaid2 - ok
10:36:03.0704 1624 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:36:03.0720 1624 SiSRaid4 - ok
10:36:03.0736 1624 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:36:03.0767 1624 Smb - ok
10:36:03.0782 1624 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:36:03.0798 1624 SNMPTRAP - ok
10:36:03.0814 1624 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
10:36:03.0814 1624 speedfan - ok
10:36:03.0829 1624 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:36:03.0845 1624 spldr - ok
10:36:03.0876 1624 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:36:03.0892 1624 Spooler - ok
10:36:03.0970 1624 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:36:04.0032 1624 sppsvc - ok
10:36:04.0048 1624 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:36:04.0063 1624 sppuinotify - ok
10:36:04.0110 1624 [ 9AB59CF736981ED1F83C6AB5FAA8BA5C ] sptd C:\Windows\system32\Drivers\sptd.sys
10:36:04.0126 1624 sptd - ok
10:36:04.0157 1624 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:36:04.0172 1624 srv - ok
10:36:04.0188 1624 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:36:04.0204 1624 srv2 - ok
10:36:04.0219 1624 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:36:04.0235 1624 srvnet - ok
10:36:04.0250 1624 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:36:04.0282 1624 SSDPSRV - ok
10:36:04.0282 1624 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:36:04.0313 1624 SstpSvc - ok
10:36:04.0313 1624 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:36:04.0328 1624 stexstor - ok
10:36:04.0360 1624 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:36:04.0391 1624 stisvc - ok
10:36:04.0406 1624 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:36:04.0406 1624 storflt - ok
10:36:04.0422 1624 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:36:04.0422 1624 storvsc - ok
10:36:04.0438 1624 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:36:04.0453 1624 swenum - ok
10:36:04.0469 1624 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:36:04.0500 1624 swprv - ok
10:36:04.0516 1624 Synth3dVsc - ok
10:36:04.0562 1624 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:36:04.0594 1624 SysMain - ok
10:36:04.0625 1624 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:36:04.0640 1624 TabletInputService - ok
10:36:04.0656 1624 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:36:04.0687 1624 TapiSrv - ok
10:36:04.0687 1624 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:36:04.0718 1624 TBS - ok
10:36:04.0781 1624 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:36:04.0812 1624 Tcpip - ok
10:36:04.0859 1624 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:36:04.0890 1624 TCPIP6 - ok
10:36:04.0921 1624 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:36:04.0952 1624 tcpipreg - ok
10:36:04.0968 1624 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:36:04.0968 1624 TDPIPE - ok
10:36:04.0999 1624 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:36:04.0999 1624 TDTCP - ok
10:36:05.0030 1624 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:36:05.0062 1624 tdx - ok
10:36:05.0077 1624 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:36:05.0077 1624 TermDD - ok
10:36:05.0108 1624 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:36:05.0140 1624 TermService - ok
10:36:05.0155 1624 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:36:05.0171 1624 Themes - ok
10:36:05.0202 1624 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:36:05.0233 1624 THREADORDER - ok
10:36:05.0249 1624 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:36:05.0280 1624 TrkWks - ok
10:36:05.0311 1624 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:36:05.0327 1624 TrustedInstaller - ok
10:36:05.0358 1624 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:36:05.0389 1624 tssecsrv - ok
10:36:05.0436 1624 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:36:05.0436 1624 TsUsbFlt - ok
10:36:05.0452 1624 tsusbhub - ok
10:36:05.0483 1624 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:36:05.0514 1624 tunnel - ok
10:36:05.0514 1624 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:36:05.0530 1624 uagp35 - ok
10:36:05.0545 1624 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:36:05.0576 1624 udfs - ok
10:36:05.0623 1624 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:36:05.0623 1624 UI0Detect - ok
10:36:05.0639 1624 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:36:05.0639 1624 uliagpkx - ok
10:36:05.0670 1624 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:36:05.0686 1624 umbus - ok
10:36:05.0686 1624 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:36:05.0701 1624 UmPass - ok
10:36:05.0732 1624 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
10:36:05.0748 1624 UmRdpService - ok
10:36:05.0764 1624 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:36:05.0795 1624 upnphost - ok
10:36:05.0795 1624 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:36:05.0810 1624 usbaudio - ok
10:36:05.0842 1624 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:36:05.0857 1624 usbccgp - ok
10:36:05.0857 1624 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:36:05.0873 1624 usbcir - ok
10:36:05.0904 1624 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:36:05.0904 1624 usbehci - ok
10:36:05.0935 1624 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:36:05.0935 1624 usbhub - ok
10:36:05.0966 1624 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:36:05.0982 1624 usbohci - ok
10:36:05.0982 1624 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:36:05.0998 1624 usbprint - ok
10:36:06.0013 1624 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:36:06.0013 1624 USBSTOR - ok
10:36:06.0029 1624 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:36:06.0029 1624 usbuhci - ok
10:36:06.0060 1624 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:36:06.0091 1624 UxSms - ok
10:36:06.0107 1624 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:36:06.0107 1624 VaultSvc - ok
10:36:06.0154 1624 [ 03837B80AD5D8A00996148AD57C09791 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
10:36:06.0154 1624 VBoxDrv - ok
10:36:06.0169 1624 [ 51CEE8E2B356FDC351DB20C87F25F5A8 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
10:36:06.0185 1624 VBoxNetAdp - ok
10:36:06.0200 1624 [ CE7E80C7367B2ADAA023D9004C9F4691 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
10:36:06.0200 1624 VBoxNetFlt - ok
10:36:06.0216 1624 [ 9617A5D24439180E9D7DEF202FF79F4A ] VBoxUSB C:\Windows\system32\Drivers\VBoxUSB.sys
10:36:06.0232 1624 VBoxUSB - ok
10:36:06.0263 1624 [ 27C9A9F2FA94140DDCF7B9131E13E1B4 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
10:36:06.0263 1624 VBoxUSBMon - ok
10:36:06.0278 1624 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:36:06.0294 1624 vdrvroot - ok
10:36:06.0325 1624 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:36:06.0372 1624 vds - ok
10:36:06.0372 1624 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:36:06.0388 1624 vga - ok
10:36:06.0403 1624 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:36:06.0434 1624 VgaSave - ok
10:36:06.0434 1624 VGPU - ok
10:36:06.0466 1624 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:36:06.0481 1624 vhdmp - ok
10:36:06.0497 1624 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:36:06.0497 1624 viaide - ok
10:36:06.0528 1624 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:36:06.0544 1624 vmbus - ok
10:36:06.0544 1624 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:36:06.0559 1624 VMBusHID - ok
10:36:06.0622 1624 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:36:06.0622 1624 volmgr - ok
10:36:06.0637 1624 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:36:06.0653 1624 volmgrx - ok
10:36:06.0668 1624 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:36:06.0668 1624 volsnap - ok
10:36:06.0731 1624 [ 1DE8494EB32A68D2140FD120BAB2DE43 ] vseamps C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
10:36:06.0746 1624 vseamps - ok
10:36:06.0762 1624 [ 53604F5091EB1100B930B7E34F593660 ] vsedsps C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
10:36:06.0778 1624 vsedsps - ok
10:36:06.0793 1624 [ 54F18665937F657842BC195BD2CB489C ] vseqrts C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
10:36:06.0793 1624 vseqrts - ok
10:36:06.0809 1624 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:36:06.0809 1624 vsmraid - ok
10:36:06.0871 1624 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:36:06.0902 1624 VSS - ok
10:36:06.0918 1624 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:36:06.0934 1624 vwifibus - ok
10:36:06.0980 1624 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:36:07.0012 1624 W32Time - ok
10:36:07.0027 1624 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:36:07.0043 1624 WacomPen - ok
10:36:07.0043 1624 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:36:07.0074 1624 WANARP - ok
10:36:07.0090 1624 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:36:07.0105 1624 Wanarpv6 - ok
10:36:07.0152 1624 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:36:07.0183 1624 WatAdminSvc - ok
10:36:07.0230 1624 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:36:07.0246 1624 wbengine - ok
10:36:07.0277 1624 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:36:07.0292 1624 WbioSrvc - ok
10:36:07.0308 1624 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:36:07.0339 1624 wcncsvc - ok
10:36:07.0355 1624 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:36:07.0370 1624 WcsPlugInService - ok
10:36:07.0370 1624 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:36:07.0386 1624 Wd - ok
10:36:07.0402 1624 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:36:07.0417 1624 Wdf01000 - ok
10:36:07.0433 1624 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:36:07.0448 1624 WdiServiceHost - ok
10:36:07.0448 1624 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:36:07.0464 1624 WdiSystemHost - ok
10:36:07.0480 1624 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:36:07.0495 1624 WebClient - ok
10:36:07.0511 1624 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:36:07.0542 1624 Wecsvc - ok
10:36:07.0573 1624 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:36:07.0604 1624 wercplsupport - ok
10:36:07.0620 1624 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:36:07.0636 1624 WerSvc - ok
10:36:07.0667 1624 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:36:07.0698 1624 WfpLwf - ok
10:36:07.0698 1624 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:36:07.0714 1624 WIMMount - ok
10:36:07.0745 1624 WinDefend - ok
10:36:07.0760 1624 WinHttpAutoProxySvc - ok
10:36:07.0807 1624 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:36:07.0838 1624 Winmgmt - ok
10:36:07.0901 1624 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys
10:36:07.0916 1624 WinRing0_1_2_0 - ok
10:36:07.0963 1624 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:36:08.0010 1624 WinRM - ok
10:36:08.0026 1624 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:36:08.0041 1624 WinUsb - ok
10:36:08.0072 1624 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:36:08.0104 1624 Wlansvc - ok
10:36:08.0150 1624 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:36:08.0197 1624 wlidsvc - ok
10:36:08.0244 1624 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:36:08.0244 1624 WmiAcpi - ok
10:36:08.0275 1624 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:36:08.0291 1624 wmiApSrv - ok
10:36:08.0338 1624 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm c:\Program Files\Zune\WMZuneComm.exe
10:36:08.0353 1624 WMZuneComm - ok
10:36:08.0369 1624 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:36:08.0384 1624 WPCSvc - ok
10:36:08.0416 1624 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:36:08.0431 1624 WPDBusEnum - ok
10:36:08.0447 1624 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:36:08.0478 1624 ws2ifsl - ok
10:36:08.0509 1624 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
10:36:08.0525 1624 wscsvc - ok
10:36:08.0525 1624 WSearch - ok
10:36:08.0587 1624 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:36:08.0634 1624 wuauserv - ok
10:36:08.0650 1624 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:36:08.0681 1624 WudfPf - ok
10:36:08.0696 1624 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:36:08.0728 1624 WUDFRd - ok
10:36:08.0743 1624 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:36:08.0774 1624 wudfsvc - ok
10:36:08.0790 1624 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:36:08.0806 1624 WwanSvc - ok
10:36:08.0852 1624 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
10:36:08.0868 1624 xnacc - ok
10:36:08.0899 1624 [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
10:36:08.0899 1624 xusb21 - ok
10:36:09.0024 1624 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe
10:36:09.0133 1624 ZuneNetworkSvc - ok
10:36:09.0180 1624 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc c:\Program Files\Zune\ZuneWlanCfgSvc.exe
10:36:09.0196 1624 ZuneWlanCfgSvc - ok
10:36:09.0211 1624 ================ Scan global ===============================
10:36:09.0242 1624 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:36:09.0258 1624 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:36:09.0274 1624 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:36:09.0289 1624 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:36:09.0305 1624 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:36:09.0305 1624 [Global] - ok
10:36:09.0305 1624 ================ Scan MBR ==================================
10:36:09.0320 1624 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:36:09.0695 1624 \Device\Harddisk0\DR0 - ok
10:36:09.0726 1624 [ 5F549E0A200B7179806806E6C0CF098C ] \Device\Harddisk1\DR1
10:37:40.0814 1624 \Device\Harddisk1\DR1 - ok
10:37:40.0814 1624 ================ Scan VBR ==================================
10:37:40.0814 1624 [ 04CF8EA60793E0609F45F133763776C1 ] \Device\Harddisk0\DR0\Partition1
10:37:40.0814 1624 \Device\Harddisk0\DR0\Partition1 - ok
10:37:40.0830 1624 [ 98DAB75CECA5A0CC54F74BFE5E7F630B ] \Device\Harddisk0\DR0\Partition2
10:37:40.0830 1624 \Device\Harddisk0\DR0\Partition2 - ok
10:37:40.0846 1624 [ BE06008EBE54E11C32499F9A944D9B85 ] \Device\Harddisk1\DR1\Partition1
10:37:40.0846 1624 \Device\Harddisk1\DR1\Partition1 - ok
10:37:40.0846 1624 ============================================================
10:37:40.0846 1624 Scan finished
10:37:40.0846 1624 ============================================================
10:37:40.0861 1616 Detected object count: 3
10:37:40.0861 1616 Actual detected object count: 3
10:38:05.0166 1616 HtcUsbMdmV64 ( UnsignedFile.Multi.Generic ) - skipped by user
10:38:05.0166 1616 HtcUsbMdmV64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:38:05.0166 1616 HtcVCom32 ( UnsignedFile.Multi.Generic ) - skipped by user
10:38:05.0166 1616 HtcVCom32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:38:05.0182 1616 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:38:05.0182 1616 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:38:09.0893 1192 Deinitialize success


OTL (the ones I ended up with)

OTL logfile created on: 3/17/2013 10:41:03 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.44 Gb Available Physical Memory | 86.12% Memory free
8.00 Gb Paging File | 7.47 Gb Available in Paging File | 93.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.54 Gb Total Space | 390.15 Gb Free Space | 56.91% Space Free | Partition Type: NTFS
Drive D: | 3.09 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 62.47 Mb Total Space | 28.61 Mb Free Space | 45.79% Space Free | Partition Type: FAT

Computer Name: MACHINE-PC | User Name: User | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/27 18:08:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/27 20:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/05/25 12:53:24 | 000,180,576 | ---- | M] (Commtouch, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV:64bit: - [2012/05/25 12:53:20 | 000,119,136 | R--- | M] (Commtouch, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV:64bit: - [2012/05/25 12:53:12 | 000,121,184 | R--- | M] (Commtouch, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/07/20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/27 18:21:30 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/24 06:52:00 | 002,074,256 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012/10/12 04:58:52 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/13 12:57:52 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/02 19:32:55 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/27 21:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/27 20:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/05/25 12:58:30 | 000,173,408 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\amp.sys -- (AMP)
DRV:64bit: - [2012/05/25 12:58:28 | 001,496,416 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\ampse.sys -- (AMPSE)
DRV:64bit: - [2012/05/14 01:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/04/17 08:25:02 | 000,031,432 | ---- | M] (EldoS Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2012/04/03 14:19:10 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/03/26 18:42:14 | 000,138,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/27 23:15:26 | 000,012,904 | ---- | M] (UVNC BVBA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv2.sys -- (mv2)
DRV:64bit: - [2011/07/14 17:18:52 | 000,157,184 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011/05/18 00:35:08 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/05/18 00:18:33 | 000,043,168 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/03/24 14:35:36 | 000,019,968 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzjoystk.sys -- (rzjoystk)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 22:51:38 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/04/12 03:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010/03/08 14:08:36 | 000,121,800 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HtcVComV64.sys -- (HtcVCom32)
DRV:64bit: - [2010/03/08 14:03:54 | 000,121,800 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HtcUsbMdmV64.sys -- (HtcUsbMdmV64)
DRV:64bit: - [2010/01/06 01:44:20 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/17 11:54:38 | 000,112,144 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouKE.Sys -- (LMouKE)
DRV:64bit: - [2009/06/17 11:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 11:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 11:53:42 | 000,089,616 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L8042mou.Sys -- (L8042mou)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2007/07/23 09:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/04/12 08:10:28 | 000,151,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL)
DRV:64bit: - [2007/04/10 06:07:54 | 000,580,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2007/04/10 04:41:54 | 000,295,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k)
DRV:64bit: - [2007/04/10 04:41:20 | 000,259,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k)
DRV:64bit: - [2007/04/10 04:40:24 | 001,359,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV:64bit: - [2007/04/10 04:39:48 | 000,147,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2007/04/10 04:38:40 | 000,290,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2007/04/10 04:38:10 | 000,017,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2007/04/10 04:37:36 | 000,218,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2007/04/10 04:35:28 | 000,863,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2007/04/10 04:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV:64bit: - [2007/04/10 04:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL)
DRV:64bit: - [2007/04/10 04:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV:64bit: - [2007/04/10 04:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV:64bit: - [2007/04/10 04:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV:64bit: - [2007/04/10 04:14:28 | 000,142,120 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV:64bit: - [2007/04/10 04:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV:64bit: - [2007/04/10 04:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV:64bit: - [2007/04/10 04:12:22 | 000,681,256 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV:64bit: - [2007/04/10 04:11:46 | 000,700,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV:64bit: - [2007/03/20 11:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Alpham264.sys -- (Alpham2)
DRV:64bit: - [2007/02/15 19:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2012/03/26 18:42:14 | 000,138,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/02/15 19:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 82 C5 DD 1D DD CB 01 [binary data]
IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7WZPC_en
IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..\SearchScopes\{AC01EF9D-04A3-4A38-8296-B18B88403052}: "URL" = http://search.avg.co...}&ychte=us&nt=1
IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..\SearchScopes\{F6066676-1EEB-BD50-8DCD-39409136EB4C}: "URL" = http://www.bing.com/...UGO&form=ZGAIDF
IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledAddons: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.18
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120926
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.9rc2
FF - prefs.js..extensions.enabledAddons: [email protected]:2.0.7
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/12 04:58:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/12 04:58:53 | 000,000,000 | ---D | M]

[2010/10/18 22:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2010/10/18 22:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/10/23 00:44:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\5wmol7ea.default\extensions
[2012/10/03 23:02:39 | 000,000,000 | ---D | M] (WOT) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\5wmol7ea.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/10/13 23:08:27 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\5wmol7ea.default\extensions\[email protected]
[2012/09/05 01:03:23 | 000,455,379 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2011/10/25 16:09:36 | 000,007,532 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
[2012/10/23 00:36:18 | 000,529,958 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/10/20 00:59:53 | 000,002,112 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\5wmol7ea.default\searchplugins\wot-safe-search.xml
[2012/10/12 04:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/12 04:58:53 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/05 01:03:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/12 04:58:50 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: WOT Safe Search (Enabled)
CHR - default_search_provider: search_url = http://search.surfca...ms}&partner=wot
CHR - default_search_provider: suggest_url = http://www.surfcanyo...?q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: WOT = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.2_0\
CHR - Extension: Late Night = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\

O1 HOSTS File: ([2011/05/15 00:26:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O4:64bit: - HKLM..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL File not found
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Razer Mamba Driver] C:\Program Files (x86)\Razer\Mamba\RazerTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [DevconDefaultDB] C:\Windows\SysWow64\READREG.exe (Creative Technology Limited)
O4 - HKU\S-1-5-18..\Run: [DevconDefaultDB] C:\Windows\SysWow64\READREG.exe (Creative Technology Limited)
O4 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000..\Run: [DevconDefaultDB] C:\Windows\SysWow64\readreg.exe (Creative Technology Limited)
O4 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000..\Run: [googletalk] C:\Users\User\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\RunOnce: [925DEFE5-B852-4777-8C40-7B9570E073C0] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2925201978-3475927693-2139486491-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.1)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.26.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.220.0.10 24.220.0.11 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0439918-EAA4-47CF-82BD-89B1CA356508}: DhcpNameServer = 24.220.0.10 24.220.0.11 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wot - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/12 04:38:58 | 000,000,122 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/17 10:12:41 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller.exe
[2013/03/17 09:52:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/16 18:47:50 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\RK_Quarantine
[2013/02/27 20:36:17 | 000,000,000 | ---D | C] -- C:\FRST
[2013/02/27 15:16:40 | 000,056,072 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013/02/27 15:16:40 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll

========== Files - Modified Within 30 Days ==========

[2013/03/17 10:32:54 | 000,792,614 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/17 10:32:54 | 000,669,048 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/17 10:32:54 | 000,125,234 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/17 10:28:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/17 10:28:41 | 3220,623,360 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/17 10:14:59 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/17 09:56:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/17 09:49:30 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller.exe
[2013/03/16 18:35:02 | 000,890,798 | ---- | M] () -- C:\Users\User\Desktop\SecurityCheck.exe
[2013/03/16 18:34:34 | 000,597,667 | ---- | M] () -- C:\Users\User\Desktop\AdwCleaner.exe
[2013/03/16 18:32:40 | 000,815,616 | ---- | M] () -- C:\Users\User\Desktop\RogueKiller.exe
[2013/02/27 18:19:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2925201978-3475927693-2139486491-1000UA.job
[2013/02/27 18:08:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013/02/27 18:07:43 | 000,001,050 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/02/27 18:07:13 | 000,001,016 | ---- | M] () -- C:\Users\User\Desktop\Dropbox.lnk
[2013/02/27 17:31:49 | 000,009,688 | ---- | M] () -- C:\bootsqm.dat
[2013/02/27 15:26:10 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2925201978-3475927693-2139486491-1000Core.job
[2013/02/27 15:16:40 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013/02/27 15:16:40 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013/02/27 15:16:31 | 000,020,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/27 15:16:31 | 000,020,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/27 14:38:46 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

========== Files Created - No Company Name ==========

[2013/03/16 18:54:27 | 000,890,798 | ---- | C] () -- C:\Users\User\Desktop\SecurityCheck.exe
[2013/03/16 18:51:57 | 000,597,667 | ---- | C] () -- C:\Users\User\Desktop\AdwCleaner.exe
[2013/03/16 18:47:45 | 000,815,616 | ---- | C] () -- C:\Users\User\Desktop\RogueKiller.exe
[2013/02/27 17:31:49 | 000,009,688 | ---- | C] () -- C:\bootsqm.dat
[2013/02/27 15:11:10 | 000,001,751 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2013/02/27 15:11:10 | 000,001,050 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/10/24 23:11:49 | 000,000,408 | ---- | C] () -- C:\Windows\SysWow64\iolo.ini
[2012/07/25 17:51:44 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012/03/25 16:39:58 | 000,000,145 | ---- | C] () -- C:\Users\User\.appletviewer
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/02/14 21:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/14 21:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/13 23:19:58 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/06/23 00:18:44 | 000,001,854 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/06/18 12:30:37 | 000,000,214 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/06/05 15:23:26 | 000,001,770 | ---- | C] () -- C:\Users\User\AppData\Roaming\Profile0.dat
[2011/05/29 15:06:39 | 000,000,600 | ---- | C] () -- C:\Users\User\AppData\Local\PUTTY.RND
[2011/05/15 00:22:02 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/15 00:22:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/15 00:22:02 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/15 00:22:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/15 00:22:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/31 23:36:42 | 000,007,594 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2011/03/30 22:41:11 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/03/22 19:27:15 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/03/15 14:14:29 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/07/14 08:44:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012/10/07 14:37:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.techniclauncher
[2011/08/19 01:10:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\10moons
[2011/03/10 17:42:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Audacity
[2012/05/10 02:53:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BitTorrent
[2011/03/10 22:49:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools
[2011/03/11 20:14:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2011/03/09 23:45:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Pro
[2013/03/17 10:15:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dropbox
[2012/08/11 01:11:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FileZilla
[2011/05/15 00:52:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FrostWire
[2011/06/04 12:33:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ideazon
[2011/07/05 01:52:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IObit
[2011/07/24 15:54:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iSpy
[2011/05/15 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Kalypso Media
[2011/04/01 01:07:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2011/03/15 18:33:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MotioninJoy
[2012/04/13 12:44:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mumble
[2011/10/26 17:58:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Need for Speed World
[2011/10/16 11:12:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Origin
[2011/03/15 20:17:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PowerUp Software
[2012/10/04 17:59:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Raptr
[2011/07/04 20:25:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SystemRequirementsLab
[2011/06/05 03:07:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TightVNC
[2012/09/22 15:43:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TS3Client
[2012/09/08 11:38:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ts3overlay

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST3750528AS ATA Device
Partitions: 3
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: OPTI3 Flash Disk USB Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 13.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 13959692288
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 686.00GB
Starting Offset: 14064549888
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: MS-DOS V4 Huge
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 63.00MB
Starting Offset: 16384
Hidden sectors: 0


========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation

< End of report >


Extras

OTL Extras logfile created on: 3/16/2013 6:38:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.18 Gb Available Physical Memory | 79.56% Memory free
8.00 Gb Paging File | 7.34 Gb Available in Paging File | 91.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.54 Gb Total Space | 389.34 Gb Free Space | 56.79% Space Free | Partition Type: NTFS
Drive D: | 3.09 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 62.47 Mb Total Space | 28.83 Mb Free Space | 46.15% Space Free | Partition Type: FAT

Computer Name: MACHINE-PC | User Name: User | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B5CDCB-2D9D-42EE-9E59-3A4E8B93C683}" = lport=10243 | protocol=6 | dir=in | app=system |
"{043311F6-0BC5-4281-ABA7-3A3FA98D5061}" = lport=58149 | protocol=6 | dir=in | name=pando media booster |
"{04725B7D-6623-4C64-9C7D-CF34C8B0A045}" = lport=56566 | protocol=17 | dir=in | name=pando media booster |
"{0CBA4C36-8572-4333-BBAE-F4C5C480EFB7}" = lport=139 | protocol=6 | dir=in | app=system |
"{0D0E64FB-02FD-472D-A8A7-8575508B62E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D6F2D0F-BBEC-4D1C-A1BD-4D0BBED75639}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1AA6D374-1020-45E5-BDE1-AAA62312093B}" = rport=445 | protocol=6 | dir=out | app=system |
"{1BA7E0F8-B6CF-4AC2-A785-E1A39522CBBD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2DAACB89-CC3D-4818-BE44-8391AB5A1733}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{2DFC6F6E-0539-40A4-9048-0D7DD63E0E47}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B4712A4-00D3-4CB5-8B16-446503379C50}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3F9B1208-76E7-4CD6-84B9-270114A706F7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41E4DC9E-4C59-4A91-9B9D-43D75842128B}" = lport=5900 | protocol=6 | dir=in | name=vnc5900 |
"{48A7F30C-1C61-4AF7-9A58-96D30F7E4B78}" = lport=138 | protocol=17 | dir=in | app=system |
"{4CFB0A4D-4310-4829-A02D-03F338494AD3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{55E7D7AC-4754-48A8-8832-43FB957F6BD7}" = lport=58149 | protocol=17 | dir=in | name=pando media booster |
"{579220CC-7549-42FE-AEA8-479BC9480DF0}" = rport=138 | protocol=17 | dir=out | app=system |
"{6F1134EC-F6F7-413C-AE8C-6DA4E41B9550}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7F20D037-02AE-4A4A-AEDB-3E5F0A04236B}" = lport=445 | protocol=6 | dir=in | app=system |
"{828BCE21-6A96-495C-933C-858396E872DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{83EB3FC4-40F7-4478-9B05-3EA4F6D00EBF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{892C5381-CC3B-4C45-86C8-A4DFD063A6BF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{98498EF1-90E8-4461-A278-D93290ACEDFA}" = lport=56566 | protocol=6 | dir=in | name=pando media booster |
"{98B71F2A-2292-4A1D-8868-3B54813ED418}" = rport=139 | protocol=6 | dir=out | app=system |
"{A26ED7B5-533B-4732-913E-EB326E944A58}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AEA64C17-9E3E-4063-B2A5-F48BF7F91BA3}" = lport=58149 | protocol=17 | dir=in | name=pando media booster |
"{B32107A5-99B4-4EC5-BC70-5522E6986371}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B639ECBD-5432-4447-81C8-406E1960FFFE}" = lport=58149 | protocol=6 | dir=in | name=pando media booster |
"{C03EAB1B-D361-47B1-B2A3-BD17F7C417D8}" = lport=56566 | protocol=17 | dir=in | name=pando media booster |
"{C05ED4E7-5D1A-429F-838D-0338F7B144F6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{CC7863CC-D160-429D-B5ED-871B872A8854}" = rport=137 | protocol=17 | dir=out | app=system |
"{D8B029AE-419F-49C3-8640-1E257E694E8C}" = lport=137 | protocol=17 | dir=in | app=system |
"{ECA2C02A-039E-4582-A24E-405817055923}" = lport=56566 | protocol=6 | dir=in | name=pando media booster |
"{FDC2A1D2-5D8D-4D63-9550-1711533D78C5}" = lport=5800 | protocol=6 | dir=in | name=vnc5800 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A87815-AD06-4198-81A4-DCDAA8EB92FE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{07D16807-5583-4E1B-84D9-D84BC5537EF5}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{083173A0-88C9-4CC3-A5A4-3494A440F4EE}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0CD92698-2974-47E5-98F2-91FCA71429BF}" = protocol=58 | dir=in | [email protected],-28545 |
"{0CDBDBA0-438C-49F4-9788-DA696F2480F5}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0FAFA7FF-28E5-4B74-9273-D978E56D7054}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{106C1D83-0825-41E0-9981-85DEC6811362}" = protocol=6 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{1EA1E312-6D36-4EE0-996D-D8BAEB0E0B9A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{20266739-653D-43E2-98A6-525548C90489}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{20B6A5E7-AC50-43B2-A07C-33E21563C508}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{2160F437-868C-40AE-8D99-72701D702E0E}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwupdate.exe |
"{22FA1DE8-0209-4318-882B-8D745F54258F}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"{252160A1-183F-4E46-B11B-8D13279E37BF}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{299D2333-F698-4053-A785-084512E2C6A4}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{2A4C12DA-B73E-4451-9B10-47581E899334}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\mass effect™ 2\masseffect2launcher.exe |
"{2AA45D59-CD38-49C9-8885-A9AEF62375A3}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main.exe |
"{2BBD06E7-D252-4E51-A2E6-ED5F8FBE4ADA}" = protocol=17 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{2DF64B53-45A8-4269-91E4-9D446A3E7641}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2EF1A9C0-5F5C-4148-AFCE-3E2A4E3948F5}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{33E6EFE9-AC84-4F02-85D9-E7E3F54EF83A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{34E6C33D-0545-4607-9BD0-100E93EFAB8D}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{36093FA7-D6C0-4E49-9F11-AA7874AAB81A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ABD143B-E2B8-46B0-8461-9BB9D40DF5A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43603EDD-A4EA-4BA5-B8E5-B90E1A392BBD}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{451F1A6B-9206-4F64-997B-B0BD2D7A366A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\mass effect™ 2\masseffect2launcher.exe |
"{49322D9C-E892-47F6-A61C-33998ABC8D5A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{4C80C075-9388-47E5-A8F8-E27F9B64EFAB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D1E30B4-0600-434A-ADBD-90083FF480B6}" = protocol=17 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{58FF6034-49CD-4E48-92BB-FB17C4BAD8CC}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\apps\2.0\rmr5zrd2.rj3\lty1d7dd.lx1\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\curseclient.exe |
"{5F2D03F4-EC8C-4622-9543-3D7CD869D3CE}" = protocol=6 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{639950D3-64E2-4204-A109-0298BEF42F80}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6549ACB8-C915-4BD6-B996-EC06F8042A00}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{67C1C51B-991A-4A77-98BB-82D6BCAC1906}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{6B18DADD-1945-4A11-B840-FF6602C457C1}" = protocol=17 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe |
"{6F21B768-F9D5-42FA-B1DE-0A898092127D}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{7442FB43-6DA9-4259-9346-6E9D8FF86B29}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7659DBE4-77B4-4EDA-85BF-F5281BE7B668}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{7766F19B-E253-4275-8175-79BFA405FAD9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{79DB79FE-5F19-4BC1-8008-89163317EB9C}" = protocol=6 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe |
"{7FF0626E-03BA-4722-86BB-072410F05F9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81FD17C7-3D69-4151-87B8-FAABCB3117E1}" = protocol=58 | dir=out | [email protected],-28546 |
"{837262D5-E100-4B78-AA10-3B5A26E697EB}" = protocol=17 | dir=in | app=c:\t3fun\hellgate\hgllauncher.exe |
"{8945540E-FBBB-4B0B-90AD-1101C435519D}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\apps\2.0\rmr5zrd2.rj3\lty1d7dd.lx1\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\curseclient.exe |
"{8A72E522-F72D-40DC-BB75-BE29E4C31CAA}" = protocol=17 | dir=in | app=c:\program files (x86)\ea\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{8AD8D779-44B7-4581-BE71-D02F759BE7AB}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{925F7C0E-C277-42F7-A1B6-9E980F28468A}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{94EF9EE7-FF6D-4395-97AD-6D9308A299F7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9E6C417F-B0A9-4FFB-8235-1984EB27DE89}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A2B3008C-81DD-4E8D-8F0C-D636DFDC2ADD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A71D8811-4010-4984-B825-DB880DAC4640}" = protocol=6 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{A8207F12-A423-443B-8E58-97CD81B35836}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{ACCBC04E-4EE8-41B2-B4CD-D95C3357A1EC}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{AD4D229C-087D-4A1E-802D-87BE2BA01F8C}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{AD837274-98DD-44D0-B69E-0D9869C4E717}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main.exe |
"{B4CB77A8-18A5-4376-A5ED-6C3DEF524E01}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B7AC0266-45D2-46EE-B891-D8EDFDCC25E3}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{B7DCC743-B37B-4529-B665-B5209D6A5A70}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{B7F49E35-A27F-4466-8541-9A0D4B6ACC11}" = protocol=1 | dir=out | [email protected],-28544 |
"{B84E3C67-E23A-49F2-A4C0-D2B7668F5CBB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B8AF3D2B-5B64-4C97-A188-5ABCAE0BD248}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{BBBD646B-6E96-44A9-8500-9DAAA5C96BA8}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{C0B741AF-827A-4AA2-8A0A-84C6A1B50CE1}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwupdate.exe |
"{C1B90484-A496-4B81-8012-133638233E8C}" = protocol=6 | dir=out | app=system |
"{C33C3293-6BDA-49E0-86C9-324866D2019D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C8E490A5-45A7-4BD9-901B-AFC6ED568B91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9847996-AD85-4951-A246-82F20583EB0A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{C9A713BB-310A-4C6A-BF77-DFB850A71A86}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C9FEDF07-A168-4BF8-9184-993464C0A96C}" = dir=out | app=field |
"{CCF6DF89-B865-45CA-B3B3-F73EB794D080}" = protocol=1 | dir=in | [email protected],-28543 |
"{CE486B01-7BC1-4567-8CD6-FC21CBBAB0D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D0918A84-C6EF-40D5-A901-5CB216A8F99C}" = protocol=17 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{D21FD5BC-F8BC-42E2-948A-2DD596D794A5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D462E39A-1663-4692-BEA4-BDEE94456CD6}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{D4D1A818-9BC1-480C-BC28-1C00C42EDF00}" = protocol=6 | dir=in | app=c:\program files (x86)\ea\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{D7CA5391-4C6C-4021-942E-48F52D5F8304}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D80237A5-AAA5-44F5-B1C3-F3638D8EAB27}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{D9C088AA-F99E-44F4-8C79-B46C8C39C93F}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"{DB0353C4-F6A6-4234-BD08-2F6D016F67D4}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{DB4013AB-B070-4077-B9C6-4E2785AA7D18}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{DB5760DF-9D10-4778-B8BD-678C39E9597A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{E15E1D9D-369A-4255-A1D7-DEC05EF1D7C8}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{E7FCE130-8F34-407A-A04B-9BB72E58C559}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E8C08952-4E96-4602-A786-134BAAE0B5C8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E949B56D-280C-4DA0-9B09-053B0E8BFF61}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{ED4BB927-E49D-4AF7-BB01-9D3D8155FFAF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EF0E8C7C-E0B2-40B9-A0C8-25F48E965E36}" = protocol=6 | dir=in | app=c:\t3fun\hellgate\hgllauncher.exe |
"{EFC8BF9D-7D80-46C0-9425-4963101F20D7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F0C59D0F-DB7C-409A-9949-53B630787A8A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{F16E42AD-B82B-485F-9592-42CE082127C8}" = dir=out | app=%systemroot%\explorer.exe |
"{F1A65AC1-CDBD-4C9C-88DC-E0857B4B9D2D}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{F22E22E3-B9F5-46F1-8417-C5A57E956351}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{F2D1C6B7-FE1D-4D37-98AA-3B12EA2C50DF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{F58EFB07-D12C-46A8-ABC3-193D967F3EEA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F9A934CA-BF76-4A3B-B08D-883688441E4E}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{FBB3C7D3-24C6-4727-AA8C-0B36C72EE18C}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{FC054828-18F0-4DD6-8A46-B822055193C2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FD00D482-D6AA-4899-8588-AA5F7BD82850}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"TCP Query User{0C5C7CDB-0802-4355-9878-F014DDD71242}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe |
"TCP Query User{23CFD2FB-6ABB-45CD-BA0C-5AF273A43129}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{2A4B951E-F816-4E82-A847-302C74316763}C:\program files (x86)\electronic arts\battlefield bad company™ 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company™ 2\bfbc2game.exe |
"TCP Query User{47C4E511-10BE-491B-86B8-3D60DEC94F1E}C:\program files (x86)\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
"TCP Query User{4882E086-C106-4DF0-A021-62D32A6D7BF3}C:\program files (x86)\dead space 2\deadspace2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dead space 2\deadspace2.exe |
"TCP Query User{8C59A72C-2FCD-4E0D-865E-2F8A9F57A650}C:\users\user\desktop\starcraft_2_na_en-us.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\starcraft_2_na_en-us.exe |
"TCP Query User{A87BCD57-E235-4ADE-9BC5-5147889E9DA0}C:\program files (x86)\limewire plus+\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire plus+\limewire.exe |
"TCP Query User{BA5D7F59-0826-429B-8724-B92CE8D35F6E}C:\program files (x86)\gamespy arcade\aphex.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gamespy arcade\aphex.exe |
"TCP Query User{DEA8640A-4632-415C-8C49-8606F970D79E}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe |
"TCP Query User{E64103F0-C125-4795-824E-1E54B7D57E92}C:\program files (x86)\ea games\dead space 2\deadspace2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |
"TCP Query User{EB37E12F-2739-4143-B668-85571502F31D}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe |
"UDP Query User{0F6526FC-9AAA-41B5-B4A0-26BA28E1AAF0}C:\program files (x86)\dead space 2\deadspace2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dead space 2\deadspace2.exe |
"UDP Query User{2A28912A-5BAC-44BB-848E-B8BDA6C19925}C:\program files (x86)\limewire plus+\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire plus+\limewire.exe |
"UDP Query User{560CCCEA-2167-40AF-B3A0-FC6107184E1C}C:\program files (x86)\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
"UDP Query User{5D98988B-7921-48F4-9186-AA5A3C032E0E}C:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\mp\mohmpgame.exe |
"UDP Query User{6651C91D-E894-43C3-B156-1405C4561222}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe |
"UDP Query User{666E64F8-33AC-4C95-8B0D-1CBF5E2F4C65}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe |
"UDP Query User{788C6D2A-D4A8-4FBB-9875-CCB4A6850B1E}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{8E331774-8C59-4789-AE17-C7240DAAB339}C:\program files (x86)\electronic arts\battlefield bad company™ 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company™ 2\bfbc2game.exe |
"UDP Query User{AFA9D525-EB72-46A4-A6B8-96C110DF8D27}C:\users\user\desktop\starcraft_2_na_en-us.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\starcraft_2_na_en-us.exe |
"UDP Query User{BB101A11-3C74-41F0-B6B4-C8737DC2380F}C:\program files (x86)\gamespy arcade\aphex.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gamespy arcade\aphex.exe |
"UDP Query User{BCAF9AD9-D3FB-4B3E-A215-72E575B0F48E}C:\program files (x86)\ea games\dead space 2\deadspace2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1111706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 (64-bit)
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{183C740A-0406-380F-A235-2EC2F8A28D13}" = Microsoft Windows SDK MSHelp (30514)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2222706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 SDK (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java™ 7 Update 3 (64-bit)
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2D290715-B0FC-3898-9247-62F803A585DF}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514)
"{3156336D-8E44-3671-A6FE-AE51D3D6564E}" = Microsoft Windows SDK for Windows 7 (7.1)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{48A7B11D-C3E1-3BEE-AF6C-8976F6E705A6}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Application Verifier (30514)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java™ SE Development Kit 7 Update 3 (64-bit)
"{67048E0C-29A5-534C-FF67-83C4BF948D48}" = AMD Drag and Drop Transcoding
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{68570626-1BF6-310B-AF69-6CD686C04AEA}" = Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514)
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{6C8D7973-31F9-32E1-A820-8DD857910323}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7492BCA7-9F62-4265-A727-DC26A9E3DF10}" = Oracle VM VirtualBox 4.1.12
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{84452C2C-BDCC-36F3-A189-CE15F02A47FB}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{84E30D73-E30F-3A02-BAA0-5353C04DD18A}" = Microsoft Windows SDK Intellisense and Reference Assemblies (30514)
"{88387B3B-B110-392F-B919-1A15B48F21D4}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x64
"{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64)
"{89026002-A893-42D9-9E20-6829B844735E}" = Application Verifier (x64)
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951E6223-AC28-345E-BCF4-B55C1267E321}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A0B0F02C-410B-3DE3-9740-EC4C3D902532}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London
"{A2C55034-8DAF-3755-BA85-CC321707FE99}" = Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B7D0C3BC-CB39-3CA1-9295-A23A93994893}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{D4A6E342-907C-4CEF-96CC-FC2F4990DC9C}" = AVSDK5
"{D87047B9-BBC5-9941-00B4-719B9E56CACC}" = ATI AVIVO64 Codecs
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E6F5D8BE-0B00-6DD9-18F9-D4045798FCBE}" = AMD Media Foundation Decoders
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F1C4B89A-8BF0-3D7C-8095-BAE412FBEA3F}" = Microsoft Windows SDK .NET Framework Tools (30514)
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"Ultravnc2_is1" = UltraVnc
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis®
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{0214578F-4888-43FB-9E34-C14FCFDEDDEB}" = Razer Nostromo
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{09B9A2C2-FB96-BA16-60E3-23B7B12A69BE}" = Application Profiles
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{1D10C273-3F95-42A2-8371-AB6B1F59821B}" = WOT for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{23FBECC1-FA31-472A-83FB-27520B81EC3A}_is1" = TheMatrix Screen Saver version 1.14
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars®: Knights of the Old Republic ™
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = The Sims™ 2 Double Deluxe
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{370187B9-6964-38D0-851F-6C4898B0C2B1}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{49C5BD36-F5B9-4E6A-9DC1-04818B9D55E3}" = Razer Nostromo Firmware Updater
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = Catalyst Control Center
"{55DBE324-BA6A-4AE2-BC68-B406915C2C0B}" = Overwolf
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{629F65FB-7F3C-4D66-A1C0-20722744B7B6}" = Star Wars® Knights of the Old Republic® II: The Sith Lords™
"{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software
"{65589581-920C-CAE1-58C2-2149D3AA3F39}" = HydraVision
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{65DF3688-6EF3-4C86-83DE-54AB46029F07}" = Hellgate
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD®
"{75D84EF7-0D8C-4E70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7BE49DA7-EDA4-4C63-AA06-DCDF6858C3F3}" = Razer Mamba
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{912193FD-A397-41F7-ABEA-D1AF442ABF89}" = DUNGEONS
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEDE5F97-31F5-4689-86B0-20C69EC5386F}" = iSpy
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4197D6B-F046-33E7-ABDE-51FF373FDC76}" = Windows SDK IntellisenseNFX
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Android SDK Tools" = Android SDK Tools
"AnyDVD" = AnyDVD
"AVIcodec" = AVIcodec (remove only)
"BitTorrent" = BitTorrent
"Blueline_is1" = Blueline 1.1.1
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CloneDVDmobile" = CloneDVDmobile
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"Comodo Dragon" = Comodo Dragon
"Crysis WARHEAD®" = Crysis WARHEAD®
"Diablo III" = Diablo III
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FileZilla Client" = FileZilla Client 3.5.3
"Game Booster_is1" = Game Booster 3
"GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"Guild Wars" = Guild Wars
"Guild Wars 2" = Guild Wars 2
"HashCalc_is1" = HashCalc 2.02
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Mozilla Firefox 15.0 (x86 en-US)" = Mozilla Firefox 15.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NoIPDUC" = No-IP DUC
"Origin" = Origin
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"Revo Uninstaller" = Revo Uninstaller 1.92
"SpeedFan" = SpeedFan (remove only)
"SpellForce - Platinum Edition_is1" = SpellForce - Platinum Edition
"Star Trek Online" = Star Trek Online
"StarCraft II" = StarCraft II
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.1
"VLC Setup Helper_is1" = VLC Setup Helper
"WinISD Pro [alpha]" = WinISD Pro [alpha]
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"101a9f93b8f0bb6f" = Curse Client
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Mozilla Firefox 16.0.1 (x86 en-US)" = Mozilla Firefox 16.0.1 (x86 en-US)
"SOE-DC Universe Online Live" = DC Universe Online Live

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/30/2012 5:56:08 PM | Computer Name = Machine-PC | Source = Application Hang | ID = 1002
Description = The program Gw2.exe version 1.0.0.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 22e10 Start Time:
01cd9f564b973140 Termination Time: 63 Application Path: C:\Program Files (x86)\Guild
Wars 2\Gw2.exe Report Id: a21bcfd1-0b49-11e2-98d3-002511649d1c

Error - 10/6/2012 8:25:50 AM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 15.0.1.4631, time
stamp: 0x5047f9c5 Faulting module name: xul.dll, version: 15.0.1.4631, time stamp:
0x5047f93b Exception code: 0xc0000005 Fault offset: 0x0010e567 Faulting process id:
0xec4 Faulting application start time: 0x01cda38ca0816560 Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program
Files (x86)\Mozilla Firefox\xul.dll Report Id: f6669f3c-0fb0-11e2-8660-002511649d1c

Error - 10/13/2012 9:14:32 PM | Computer Name = Machine-PC | Source = Application Hang | ID = 1002
Description = The program psi.exe version 2.0.0.3003 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 4b4 Start Time:
01cda9a89214d8a0 Termination Time: 0 Application Path: C:\Program Files (x86)\Secunia\PSI\psi.exe

Report
Id: 44cb45b1-159c-11e2-89b5-002511649d1c

Error - 10/24/2012 5:01:34 PM | Computer Name = Machine-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: System Writer object failed to initialize VSS. System
Error: Incorrect function. .

Error - 10/24/2012 6:35:10 PM | Computer Name = Machine-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: System Writer object failed to initialize VSS. System
Error: Incorrect function. .

Error - 10/25/2012 12:21:46 AM | Computer Name = Machine-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: System Writer object failed to initialize VSS. System
Error: Incorrect function. .

Error - 2/27/2013 6:24:46 PM | Computer Name = Machine-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: Could not query the status of the EventSystem service.

System
Error: A system shutdown is in progress. .

Error - 2/27/2013 7:06:10 PM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450,
time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting
process id: 0xc18 Faulting application start time: 0x01ce153ef6f414f0 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\system32\MSHTML.dll Report Id: 46055a40-8132-11e2-a42d-002511649d1c

Error - 2/27/2013 7:06:27 PM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450,
time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting
process id: 0x1d0 Faulting application start time: 0x01ce153f0fb07ab0 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\system32\MSHTML.dll Report Id: 502a6600-8132-11e2-a42d-002511649d1c

Error - 2/27/2013 7:06:50 PM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450,
time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting
process id: 0xc24 Faulting application start time: 0x01ce153f15638650 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\system32\MSHTML.dll Report Id: 5cb79820-8132-11e2-a42d-002511649d1c

Error - 2/27/2013 7:06:56 PM | Computer Name = Machine-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450,
time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting
process id: 0xda4 Faulting application start time: 0x01ce153f21b86a60 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\system32\MSHTML.dll Report Id: 60f764b0-8132-11e2-a42d-002511649d1c

[ iolo Applications Events ]
Error - 6/13/2012 2:22:57 PM | Computer Name = Machine-PC | Source = System Shield | ID = 11
Description =

Error - 10/24/2012 5:03:12 PM | Computer Name = Machine-PC | Source = System Shield | ID = 12
Description =

Error - 10/24/2012 6:35:12 PM | Computer Name = Machine-PC | Source = System Shield | ID = 12
Description =

Error - 10/25/2012 12:21:49 AM | Computer Name = Machine-PC | Source = System Shield | ID = 12
Description =

Error - 10/25/2012 12:29:14 AM | Computer Name = Machine-PC | Source = System Shield | ID = 12
Description =

[ Media Center Events ]
Error - 1/29/2011 7:57:08 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 5:57:08 PM - Error connecting to the internet. 5:57:08 PM - Unable
to contact server..

Error - 1/29/2011 7:57:14 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 5:57:13 PM - Error connecting to the internet. 5:57:13 PM - Unable
to contact server..

Error - 1/30/2011 4:09:32 AM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:09:32 AM - Error connecting to the internet. 2:09:32 AM - Unable
to contact server..

Error - 1/30/2011 4:09:38 AM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:09:38 AM - Error connecting to the internet. 2:09:38 AM - Unable
to contact server..

Error - 1/30/2011 4:13:26 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:13:26 PM - Error connecting to the internet. 2:13:26 PM - Unable
to contact server..

Error - 1/30/2011 4:13:32 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:13:32 PM - Error connecting to the internet. 2:13:32 PM - Unable
to contact server..

Error - 1/31/2011 4:12:21 AM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:12:21 AM - Error connecting to the internet. 2:12:21 AM - Unable
to contact server..

Error - 1/31/2011 4:12:27 AM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:12:27 AM - Error connecting to the internet. 2:12:27 AM - Unable
to contact server..

Error - 1/31/2011 4:15:09 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:15:08 PM - Error connecting to the internet. 2:15:08 PM - Unable
to contact server..

Error - 1/31/2011 4:15:14 PM | Computer Name = User-PC | Source = MCUpdate | ID = 0
Description = 2:15:14 PM - Error connecting to the internet. 2:15:14 PM - Unable
to contact server..

[ System Events ]
Error - 3/10/2013 7:43:12 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/11/2013 7:43:14 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/12/2013 7:43:15 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/13/2013 7:43:17 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/14/2013 7:43:19 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/15/2013 7:43:20 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =

Error - 3/16/2013 7:36:47 PM | Computer Name = Machine-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 3/16/2013 7:36:47 PM | Computer Name = Machine-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 3/16/2013 7:36:48 PM | Computer Name = Machine-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 3/16/2013 7:43:22 PM | Computer Name = Machine-PC | Source = DCOM | ID = 10005
Description =


< End of report >


Unfortunately my system is still becoming unresposive after login.


  • 0

#6
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hi,
It looks like you did not choose Delete when you last ran ADWCleaner so let's try that again.
Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

Please do that while I examine your other logs.
  • 0

#7
DrkMachine

DrkMachine

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
I swore I did, but here it is. :)

ADW

# AdwCleaner v2.114 - Logfile created 03/18/2013 at 11:27:51
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : User - MACHINE-PC
# Boot Mode : Safe mode
# Running from : C:\Users\User\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16450

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

-\\ Google Chrome v22.0.1229.94

*************************

AdwCleaner[R1].txt - [1821 octets] - [16/03/2013 18:52:38]
AdwCleaner[R2].txt - [1499 octets] - [17/03/2013 09:59:09]
AdwCleaner[S2].txt - [706 octets] - [18/03/2013 11:27:51]

########## EOF - C:\AdwCleaner[S2].txt - [765 octets] ##########



  • 0

#8
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Ok I see what happened, you must have posted the first log.

ADWCleaner looks good. Still don't see why you can't start in normal mode.
Step 1
Let's look at the event logs -
First I would like you to boot into normal mode, and let it freeze up.
Then restart and boot into safe mode as you have been doing, then run this:
  • Please download the Event Viewer Tool by Vino Rosso VEW and save it to your Desktop:
  • right-click VEW.exe and select Run as administrator
  • Under 'Select log to query', select:
  • Application
  • System
<li>Under 'Select type to list', select :
  • Error
  • Warning
Then use the 'Date of events' or 'Number of events' as follows:

  • Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
Please post the Output log in your next reply



Step 2
Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

In your next reply I would like to see:
  • VEW event viewer log
  • FSS.txt

  • 1

#9
DrkMachine

DrkMachine

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
here are the requested logs.

VEW

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 19/03/2013 12:14:55 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/02/2013 11:06:56 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting process id: 0xda4 Faulting application start time: 0x01ce153f21b86a60 Faulting application path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\system32\MSHTML.dll Report Id: 60f764b0-8132-11e2-a42d-002511649d1c

Log: 'Application' Date/Time: 27/02/2013 11:06:50 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting process id: 0xc24 Faulting application start time: 0x01ce153f15638650 Faulting application path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\system32\MSHTML.dll Report Id: 5cb79820-8132-11e2-a42d-002511649d1c

Log: 'Application' Date/Time: 27/02/2013 11:06:27 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting process id: 0x1d0 Faulting application start time: 0x01ce153f0fb07ab0 Faulting application path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\system32\MSHTML.dll Report Id: 502a6600-8132-11e2-a42d-002511649d1c

Log: 'Application' Date/Time: 27/02/2013 11:06:10 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6 Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a Exception code: 0xc0000005 Fault offset: 0x003a16cd Faulting process id: 0xc18 Faulting application start time: 0x01ce153ef6f414f0 Faulting application path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\system32\MSHTML.dll Report Id: 46055a40-8132-11e2-a42d-002511649d1c

Log: 'Application' Date/Time: 27/02/2013 10:24:46 PM
Type: Error Category: 0
Event: 512 Source: Microsoft-Windows-CAPI2
The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress. .

Log: 'Application' Date/Time: 25/10/2012 4:21:46 AM
Type: Error Category: 0
Event: 512 Source: Microsoft-Windows-CAPI2
The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
System Writer object failed to initialize VSS.

System Error:
Incorrect function. .

Log: 'Application' Date/Time: 24/10/2012 10:35:10 PM
Type: Error Category: 0
Event: 512 Source: Microsoft-Windows-CAPI2
The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
System Writer object failed to initialize VSS.

System Error:
Incorrect function. .

Log: 'Application' Date/Time: 24/10/2012 9:01:34 PM
Type: Error Category: 0
Event: 512 Source: Microsoft-Windows-CAPI2
The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
System Writer object failed to initialize VSS.

System Error:
Incorrect function. .

Log: 'Application' Date/Time: 14/10/2012 1:14:32 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program psi.exe version 2.0.0.3003 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 4b4 Start Time: 01cda9a89214d8a0 Termination Time: 0 Application Path: C:\Program Files (x86)\Secunia\PSI\psi.exe Report Id: 44cb45b1-159c-11e2-89b5-002511649d1c

Log: 'Application' Date/Time: 06/10/2012 12:25:50 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: firefox.exe, version: 15.0.1.4631, time stamp: 0x5047f9c5 Faulting module name: xul.dll, version: 15.0.1.4631, time stamp: 0x5047f93b Exception code: 0xc0000005 Fault offset: 0x0010e567 Faulting process id: 0xec4 Faulting application start time: 0x01cda38ca0816560 Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program Files (x86)\Mozilla Firefox\xul.dll Report Id: f6669f3c-0fb0-11e2-8660-002511649d1c

Log: 'Application' Date/Time: 30/09/2012 9:56:08 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program Gw2.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 22e10 Start Time: 01cd9f564b973140 Termination Time: 63 Application Path: C:\Program Files (x86)\Guild Wars 2\Gw2.exe Report Id: a21bcfd1-0b49-11e2-98d3-002511649d1c

Log: 'Application' Date/Time: 30/09/2012 9:54:56 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program Gw2.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2223c Start Time: 01cd9f56255a86d0 Termination Time: 60 Application Path: C:\Program Files (x86)\Guild Wars 2\Gw2.exe Report Id: 737b51a1-0b49-11e2-98d3-002511649d1c

Log: 'Application' Date/Time: 30/09/2012 9:54:06 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program Gw2.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 228bc Start Time: 01cd9f55f96a82a0 Termination Time: 63 Application Path: C:\Program Files (x86)\Guild Wars 2\Gw2.exe Report Id: 57fe4541-0b49-11e2-98d3-002511649d1c

Log: 'Application' Date/Time: 29/09/2012 9:30:23 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program cfplogvw.exe version 5.10.31649.2253 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1154c Start Time: 01cd9e24ecca13d0 Termination Time: 15 Application Path: C:\Program Files\COMODO\COMODO Internet Security\cfplogvw.exe Report Id: 488fe191-0a18-11e2-98d3-002511649d1c

Log: 'Application' Date/Time: 19/09/2012 8:19:26 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
The event description cannot be found.

Log: 'Application' Date/Time: 18/08/2012 6:38:00 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
The event description cannot be found.

Log: 'Application' Date/Time: 28/07/2012 9:33:13 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SMSystemAnalyzer.exe, version: 11.0.3.2, time stamp: 0x50117f6a Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e211319 Exception code: 0x0eedfade Fault offset: 0x0000b9bc Faulting process id: 0x1e8 Faulting application start time: 0x01cd6d08901a3ce8 Faulting application path: C:\Program Files (x86)\iolo\System Mechanic Professional\SMSystemAnalyzer.exe Faulting module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: d5397528-d8fb-11e1-8d33-002511649d1c

Log: 'Application' Date/Time: 17/07/2012 11:04:58 PM
Type: Error Category: 0
Event: 10006 Source: Microsoft-Windows-RestartManager
Application or service 'Windows Explorer' could not be shut down.

Log: 'Application' Date/Time: 09/05/2012 11:34:25 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program HashCalc.exe version 2.0.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 540 Start Time: 01cd2e3c00a56070 Termination Time: 8 Application Path: C:\Program Files (x86)\HashCalc\HashCalc.exe Report Id: 8066a301-9a2f-11e1-b9ae-002511649d1c

Log: 'Application' Date/Time: 25/04/2012 3:22:08 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program HashCalc.exe version 2.0.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 14b0 Start Time: 01cd228aadeab1f8 Termination Time: 6 Application Path: C:\Program Files (x86)\HashCalc\HashCalc.exe Report Id: d33da689-8e85-11e1-b9ae-002511649d1c

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/03/2013 5:13:19 AM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 19/03/2013 5:04:51 AM
Type: Warning Category: 0
Event: 1 Source: Microsoft-Windows-ApplicationExperienceInfrastructure
The application (Tages Protection, from vendor Tages SA) has the following problem: A driver is installed that causes stability problems with your system. This driver will be disabled. Please contact the driver manufacturer for an update that is compatible with this version of Windows.

Log: 'Application' Date/Time: 19/03/2013 5:03:53 AM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 19/03/2013 5:03:52 AM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 18/03/2013 4:40:50 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 18/03/2013 4:28:57 PM
Type: Warning Category: 0
Event: 1 Source: Microsoft-Windows-ApplicationExperienceInfrastructure
The application (Tages Protection, from vendor Tages SA) has the following problem: A driver is installed that causes stability problems with your system. This driver will be disabled. Please contact the driver manufacturer for an update that is compatible with this version of Windows.

Log: 'Application' Date/Time: 18/03/2013 4:28:05 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 18/03/2013 4:28:05 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 17/03/2013 3:28:55 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 17/03/2013 3:27:53 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 17/03/2013 3:27:53 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 17/03/2013 3:27:26 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 17/03/2013 3:14:58 PM
Type: Warning Category: 0
Event: 1 Source: Microsoft-Windows-ApplicationExperienceInfrastructure
The application (Tages Protection, from vendor Tages SA) has the following problem: A driver is installed that causes stability problems with your system. This driver will be disabled. Please contact the driver manufacturer for an update that is compatible with this version of Windows.

Log: 'Application' Date/Time: 17/03/2013 3:13:57 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-2925201978-3475927693-2139486491-1000:
Process 1100 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2925201978-3475927693-2139486491-1000


Log: 'Application' Date/Time: 17/03/2013 3:11:54 PM
Type: Warning Category: 0
Event: 1 Source: Microsoft-Windows-ApplicationExperienceInfrastructure
The application (Tages Protection, from vendor Tages SA) has the following problem: A driver is installed that causes stability problems with your system. This driver will be disabled. Please contact the driver manufacturer for an update that is compatible with this version of Windows.

Log: 'Application' Date/Time: 17/03/2013 3:11:00 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 17/03/2013 3:11:00 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 17/03/2013 3:09:30 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 17/03/2013 2:56:22 PM
Type: Warning Category: 0
Event: 1 Source: Microsoft-Windows-ApplicationExperienceInfrastructure
The application (Tages Protection, from vendor Tages SA) has the following problem: A driver is installed that causes stability problems with your system. This driver will be disabled. Please contact the driver manufacturer for an update that is compatible with this version of Windows.

Log: 'Application' Date/Time: 17/03/2013 2:55:05 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/03/2013 5:12:36 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 18/03/2013 4:40:23 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 17/03/2013 3:27:03 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 17/03/2013 3:09:08 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 11:30:54 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 11:17:06 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 11:04:25 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 8:25:57 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 7:48:54 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 7:38:26 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 7:25:52 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 6:18:55 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 6:01:01 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 5:15:07 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 5:07:35 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 4:21:28 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 24/10/2012 10:34:50 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 24/10/2012 10:18:14 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 24/10/2012 9:01:23 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 24/10/2012 8:23:53 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/03/2013 5:13:34 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:34 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:34 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:34 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:34 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:34 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:30 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:29 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:29 AM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

Log: 'System' Date/Time: 19/03/2013 5:13:29 AM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

Log: 'System' Date/Time: 19/03/2013 5:13:27 AM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Log: 'System' Date/Time: 19/03/2013 5:13:20 AM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

Log: 'System' Date/Time: 19/03/2013 5:13:07 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache ElbyCDIO ElRawDisk NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr sptd tdx VBoxDrv VBoxUSBMon Wanarpv6 WfpLwf

Log: 'System' Date/Time: 19/03/2013 5:13:07 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:07 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:07 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:07 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:07 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 19/03/2013 5:13:07 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 19/03/2013 5:13:07 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/03/2013 5:13:13 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 19/03/2013 5:04:48 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 18/03/2013 4:40:45 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 18/03/2013 4:28:58 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:28:55 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:27:24 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:14:55 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:13:58 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 17/03/2013 3:11:57 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:09:29 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 2:56:04 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 11:42:51 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 11:17:21 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 11:04:40 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 10:32:44 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 10:24:46 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 27/02/2013 8:27:50 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 8:26:28 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 27/02/2013 8:26:17 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 8:12:12 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

FSS

Farbar Service Scanner Version: 03-03-2013
Ran by User (administrator) on 19-03-2013 at 00:16:41
Running from "C:\Users\User\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Minimal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
The ServiceDll of Nsi service is OK.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.


Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
There is no connection to network.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error. Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


  • 0

#10
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hi there,
So the thing that stands out the most to me is this error:

Event: 1 Source: Microsoft-Windows-ApplicationExperienceInfrastructure
The application (Tages Protection, from vendor Tages SA) has the following problem: A driver is installed that causes stability problems with your system. This driver will be disabled. Please contact the driver manufacturer for an update that is compatible with this version of Windows.


This seems to be some kind of copy protection for a game.

You should uninstall the offending driver, and re-install it. It appears to be pretty straightforward, you just run the installer to uninstall and reinstall it. Make sure that you use the 64bit driver from here
At the site, you should click on the drivers button and download the 2nd file listed.
Right click on the file once you download it, and select Run as administrator.
Make sure you uninstall the current driver, I would take a guess that it's probably the 32 bit version, hence it's non cooperation.
If you don't reinstall it, you might have one or more games that use it fail to run.
Try that and let me know if you can boot to normal mode.
  • 1

Advertisements


#11
DrkMachine

DrkMachine

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
Completely uninstalled, and it gives me a few minutes of use before things slowly start to lockdown, I can still move my mouse, but that is really about it. even task manager eventually stops responding.
  • 0

#12
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
ok, if that seemed to help, let's persue this avenue further.
Question: When you ran FSS, was that from plain Safe Mode, and not Safe Mode with Networking?
If you don't remember, please run it again, from Safe Mode with Networking and paste in the log

Now to continue with your event logs:
first off, from safe mode do this:
click on the start orb then right click on Computer. Select Manage, and answer the UAC prompt. This opens Computer Management.
Next, expand Event Viewer, then Windows Logs
Right click on System and select Clear Log, then right click on Application and select Clear Log.
Reboot into Normal mode.
Try to do some stuff until if freezes again, (open your browser etc.. if you get that far)

If it does freeze up, then reboot back to safe mode with networking as you were doing.
Now run VEW again

  • Right-click VEW.exe and select Run as administrator
  • Under 'Select log to query', select :
  • Application
  • System
<li>Under 'Select type to list', select:
  • Error
  • Warning
Then use the 'Date of events' or 'Number of events' as follows:

  • Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
Please post the Output log in your next reply
  • 1

#13
DrkMachine

DrkMachine

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
The requested logs.

FSS

Farbar Service Scanner Version: 03-03-2013
Ran by User (administrator) on 20-03-2013 at 10:46:09
Running from "C:\Users\User\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

VEW

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 20/03/2013 10:58:23 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 20/03/2013 3:57:18 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 20/03/2013 3:48:57 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 20/03/2013 3:48:56 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/03/2013 3:56:41 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 20/03/2013 4:14:39 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 20/03/2013 3:55:48 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 19/03/2013 5:12:36 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 18/03/2013 4:40:23 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 17/03/2013 3:27:03 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 17/03/2013 3:09:08 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 11:30:54 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 11:17:06 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 11:04:25 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 8:25:57 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 7:48:54 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 7:38:26 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/02/2013 7:25:52 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 6:18:55 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 6:01:01 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 5:15:07 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 5:07:35 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 25/10/2012 4:21:28 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 24/10/2012 10:34:50 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/03/2013 3:57:33 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:32 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:32 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:32 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:32 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:32 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:32 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:30 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:30 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:30 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:30 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:30 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:30 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:30 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:30 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:30 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:57:26 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Log: 'System' Date/Time: 20/03/2013 3:57:19 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

Log: 'System' Date/Time: 20/03/2013 3:56:59 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 20/03/2013 3:56:59 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/03/2013 3:56:59 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 20/03/2013 3:50:10 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 20/03/2013 3:48:58 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 20/03/2013 4:14:56 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 20/03/2013 3:56:07 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 20/03/2013 3:41:35 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 19/03/2013 5:13:13 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 19/03/2013 5:04:48 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 18/03/2013 4:40:45 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 18/03/2013 4:28:58 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:28:55 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:27:24 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:14:55 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:13:58 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 17/03/2013 3:11:57 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 3:09:29 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 17/03/2013 2:56:04 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 11:42:51 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 11:17:21 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 27/02/2013 11:04:40 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.




  • 0

#14
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Looks like you didn't reset one of those catagories, but that's alright. Seems like services are acting whacky. I would like to address that - and if we still have no joy, I will consult with some of my colleagues and we will gang up on your issues.

Lets try this automated fix first -

Download Windows Repair (all in one) from this site
Install the programme then run
Posted Image

On the start repairs tab click start
Posted Image
Select the following items and tick restart system when finished
Posted Image
Then click on Start

Please let me know if this helps while I plan for if it does not.
  • 1

#15
DrkMachine

DrkMachine

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
Yay! no more freezing after boot. :woot:


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP