Download aswMBR.exe ( 511KB ) to your desktop.
Right-click aswMBR.exe and select Run as Administrator.
Uncheck trace disk IO calls.
Click the "Scan" button to start the scan (accept the Avast Engine).
On completion of the scan, if the Fix button is enabled (not the FixMBR button), press it, then run a new scan and click save log; save it to your desktop and post it in your next reply.
If the Fix button is not enabled, just click save log, save it to your desktop and post it in your next reply.
aswMBR.exe is not 511 kb but 3.314.799 kb, so I went to VirusTotal.
VirusTotal results:

aswMBR
SHA256: 7af5e982f35f0865124cfee620a8279e420ae48db926480377f6f612615ab9cd
Nombre: aswMBR.exe
Detecciones: 7 / 44
Fecha de análisis: 2012-12-11 13:54:05 UTC ( hace 2 minutos )
AhnLab-V3 ASD.Prevention 20121211
McAfee Artemis!BE3AB4803C96 20121211
McAfee-GW-Edition Artemis!BE3AB4803C96 20121211
Norman W32/Rootkit.EODN 20121211
Panda Suspicious file 20121211
Symantec WS.Reputation.1 20121211
TrendMicro-HouseCall TROJ_GEN.RC1H1KI 20121211
https://www.virustot...sis/1355234045/

Combofix
SHA256: 3cd9dcdcd537a5c6e4f25bc8a0640f952fb719b14610f2a31b14215313ba7a49
Nombre: ComboFix.exe
Detecciones: 3 / 45
Fecha de análisis: 2012-12-11 12:58:01 UTC ( hace 1 hora, 3 minutos )
Jiangmin Trojan/JmGenGeneric.boe 20121211
Sophos NirCmd 20121211
TrendMicro-HouseCall TROJ_GEN.RC1H1LA 20121211
https://www.virustot...a7a49/analysis/

Services Repair
SHA256: 8cabc5dfda708d6c6fb7e3eaee83c050dd913da623012cfe2d50c3709f7038c5
Nombre: ServicesRepair.exe
Detecciones: 2 / 45
Fecha de análisis: 2012-12-11 14:04:42 UTC ( hace 0 minutos )
Antiy-AVL Trojan/Win32.Chifrax.gen 20121211
TrendMicro-HouseCall TROJ_GEN.F47V0723 20121211
https://www.virustot...sis/1355234682/

Farbar Service Scanner
SHA256: 2872007e83bccaaf3f1695463d72bcbf1af0f369dddc74930ae0f50e46d252de
Nombre: FSS.exe
Detecciones: 2 / 45
Fecha de análisis: 2012-12-11 14:11:11 UTC ( hace 0 minutos )
Antiy-AVL Trojan/Win32.Chifrax.gen 20121211
VBA32 Trojan.Autoit.Wirus 20121211
https://www.virustot...sis/1355235071/

I am surprised by these detections, so could you please explain them to me before I try any of these tools?
TDSSKiller log
11:17:42.0843 6224 msdsm - ok
11:17:42.0859 6224 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:17:42.0874 6224 MSDTC - ok
11:17:42.0890 6224 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:17:42.0937 6224 Msfs - ok
11:17:42.0952 6224 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:17:42.0983 6224 mshidkmdf - ok
11:17:42.0983 6224 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:17:42.0999 6224 msisadrv - ok
11:17:43.0030 6224 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:17:43.0077 6224 MSiSCSI - ok
11:17:43.0077 6224 msiserver - ok
11:17:43.0093 6224 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:17:43.0139 6224 MSKSSRV - ok
11:17:43.0155 6224 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:17:43.0186 6224 MSPCLOCK - ok
11:17:43.0217 6224 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:17:43.0249 6224 MSPQM - ok
11:17:43.0264 6224 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:17:43.0280 6224 MsRPC - ok
11:17:43.0295 6224 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:17:43.0311 6224 mssmbios - ok
11:17:43.0327 6224 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:17:43.0358 6224 MSTEE - ok
11:17:43.0358 6224 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:17:43.0389 6224 MTConfig - ok
11:17:43.0405 6224 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:17:43.0420 6224 Mup - ok
11:17:43.0436 6224 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:17:43.0483 6224 napagent - ok
11:17:43.0514 6224 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:17:43.0529 6224 NativeWifiP - ok
11:17:43.0576 6224 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:17:43.0592 6224 NDIS - ok
11:17:43.0607 6224 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:17:43.0639 6224 NdisCap - ok
11:17:43.0670 6224 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:17:43.0701 6224 NdisTapi - ok
11:17:43.0717 6224 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:17:43.0763 6224 Ndisuio - ok
11:17:43.0779 6224 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:17:43.0826 6224 NdisWan - ok
11:17:43.0841 6224 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:17:43.0873 6224 NDProxy - ok
11:17:43.0888 6224 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:17:43.0919 6224 NetBIOS - ok
11:17:43.0919 6224 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:17:43.0966 6224 NetBT - ok
11:17:43.0966 6224 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:17:43.0982 6224 Netlogon - ok
11:17:44.0013 6224 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:17:44.0060 6224 Netman - ok
11:17:44.0122 6224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:44.0138 6224 NetMsmqActivator - ok
11:17:44.0153 6224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:44.0169 6224 NetPipeActivator - ok
11:17:44.0185 6224 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:17:44.0231 6224 netprofm - ok
11:17:44.0247 6224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:44.0263 6224 NetTcpActivator - ok
11:17:44.0263 6224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:44.0278 6224 NetTcpPortSharing - ok
11:17:44.0309 6224 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:17:44.0325 6224 nfrd960 - ok
11:17:44.0356 6224 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:17:44.0372 6224 NlaSvc - ok
11:17:44.0387 6224 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:17:44.0419 6224 Npfs - ok
11:17:44.0434 6224 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:17:44.0481 6224 nsi - ok
11:17:44.0497 6224 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:17:44.0543 6224 nsiproxy - ok
11:17:44.0606 6224 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:17:44.0637 6224 Ntfs - ok
11:17:44.0637 6224 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:17:44.0684 6224 Null - ok
11:17:44.0933 6224 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:17:45.0105 6224 nvlddmkm - ok
11:17:45.0136 6224 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
11:17:45.0136 6224 nvpciflt - ok
11:17:45.0167 6224 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:17:45.0183 6224 nvraid - ok
11:17:45.0199 6224 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:17:45.0214 6224 nvstor - ok
11:17:45.0245 6224 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
11:17:45.0261 6224 nvsvc - ok
11:17:45.0323 6224 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:17:45.0355 6224 nvUpdatusService - ok
11:17:45.0370 6224 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:17:45.0386 6224 nv_agp - ok
11:17:45.0386 6224 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:17:45.0401 6224 ohci1394 - ok
11:17:45.0417 6224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:17:45.0448 6224 p2pimsvc - ok
11:17:45.0464 6224 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:17:45.0495 6224 p2psvc - ok
11:17:45.0495 6224 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
11:17:45.0526 6224 Parport - ok
11:17:45.0542 6224 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:17:45.0557 6224 partmgr - ok
11:17:45.0573 6224 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:17:45.0604 6224 PcaSvc - ok
11:17:45.0620 6224 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:17:45.0635 6224 pci - ok
11:17:45.0667 6224 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:17:45.0667 6224 pciide - ok
11:17:45.0682 6224 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:17:45.0698 6224 pcmcia - ok
11:17:45.0713 6224 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:17:45.0729 6224 pcw - ok
11:17:45.0745 6224 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:17:45.0776 6224 PEAUTH - ok
11:17:45.0823 6224 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:17:45.0854 6224 PerfHost - ok
11:17:45.0885 6224 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:17:45.0932 6224 pla - ok
11:17:45.0979 6224 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:17:45.0994 6224 PlugPlay - ok
11:17:46.0010 6224 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:17:46.0041 6224 PNRPAutoReg - ok
11:17:46.0057 6224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:17:46.0072 6224 PNRPsvc - ok
11:17:46.0088 6224 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:17:46.0135 6224 PolicyAgent - ok
11:17:46.0150 6224 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:17:46.0197 6224 Power - ok
11:17:46.0213 6224 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:17:46.0244 6224 PptpMiniport - ok
11:17:46.0259 6224 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:17:46.0275 6224 Processor - ok
11:17:46.0306 6224 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:17:46.0322 6224 ProfSvc - ok
11:17:46.0337 6224 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:17:46.0353 6224 ProtectedStorage - ok
11:17:46.0369 6224 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:17:46.0415 6224 Psched - ok
11:17:46.0462 6224 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:17:46.0493 6224 ql2300 - ok
11:17:46.0509 6224 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:17:46.0525 6224 ql40xx - ok
11:17:46.0540 6224 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:17:46.0571 6224 QWAVE - ok
11:17:46.0587 6224 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:17:46.0603 6224 QWAVEdrv - ok
11:17:46.0618 6224 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:17:46.0649 6224 RasAcd - ok
11:17:46.0665 6224 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:17:46.0712 6224 RasAgileVpn - ok
11:17:46.0727 6224 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:17:46.0759 6224 RasAuto - ok
11:17:46.0774 6224 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:17:46.0821 6224 Rasl2tp - ok
11:17:46.0837 6224 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:17:46.0883 6224 RasMan - ok
11:17:46.0883 6224 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:17:46.0915 6224 RasPppoe - ok
11:17:46.0930 6224 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:17:46.0961 6224 RasSstp - ok
11:17:46.0977 6224 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:17:47.0008 6224 rdbss - ok
11:17:47.0024 6224 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:17:47.0039 6224 rdpbus - ok
11:17:47.0071 6224 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:17:47.0102 6224 RDPCDD - ok
11:17:47.0117 6224 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:17:47.0164 6224 RDPENCDD - ok
11:17:47.0180 6224 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:17:47.0211 6224 RDPREFMP - ok
11:17:47.0242 6224 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:17:47.0273 6224 RDPWD - ok
11:17:47.0289 6224 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:17:47.0305 6224 rdyboost - ok
11:17:47.0320 6224 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:17:47.0367 6224 RemoteAccess - ok
11:17:47.0383 6224 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:17:47.0429 6224 RemoteRegistry - ok
11:17:47.0461 6224 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:17:47.0492 6224 RFCOMM - ok
11:17:47.0539 6224 [ A2FF4C5EC45A9F6051B9D591F364C3A8 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
11:17:47.0554 6224 RichVideo ( UnsignedFile.Multi.Generic ) - warning
11:17:47.0554 6224 RichVideo - detected UnsignedFile.Multi.Generic (1)
11:17:54.0902 6224 ================ Scan global ===============================
11:17:54.0917 6224 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:17:54.0933 6224 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
11:17:54.0949 6224 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
11:17:54.0964 6224 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:17:54.0980 6224 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:17:54.0980 6224 [Global] - ok
11:17:54.0980 6224 ================ Scan MBR ==================================
11:17:54.0995 6224 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:17:55.0370 6224 \Device\Harddisk0\DR0 - ok
11:17:55.0370 6224 ================ Scan VBR ==================================
11:17:55.0370 6224 [ 76A092150AFD2A33B0FD0DB38784023C ] \Device\Harddisk0\DR0\Partition1
11:17:55.0370 6224 \Device\Harddisk0\DR0\Partition1 - ok
11:17:55.0370 6224 ============================================================
11:17:55.0370 6224 Scan finished
11:17:55.0370 6224 ============================================================
11:17:55.0385 4304 Detected object count: 2
11:17:55.0385 4304 Actual detected object count: 2
11:19:29.0455 4304 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
11:19:29.0455 4304 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:19:29.0455 4304 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
11:19:29.0455 4304 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:19:37.0582 7004 Deinitialize success
------------------------
Mbam log
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Versión de la Base de Datos: v2012.12.11.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pati :: AS-PC [administrador]
11/12/2012 11:21:27 a.m.
mbam-log-2012-12-11 (11-21-27).txt
Tipos de Análisis: Análisis Rápido
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 224658
Tiempo transcurrido: 1 minuto(s), 43 segundo(s)
Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)
Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)
Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)
Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)
Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)
Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)
Archivos Detectados: 0
(No se han detectado elementos maliciosos)
(fin)
-----------------------------------------
sfc /scannow message
Windows resources protection found damaged files and cannot repair some of them. To get more details check CBS.log
windir\Logs\CBS\CBS.log
-----------------------------------------
Event Viewer
As I told you before, the program doesn't run in another language.
OTL log
OTL logfile created on: 11/12/2012 11:43:54 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pati\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy
13,91 Gb Total Physical Memory | 10,94 Gb Available Physical Memory | 78,64% Memory free
27,81 Gb Paging File | 24,85 Gb Available in Paging File | 89,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,63 Gb Total Space | 556,44 Gb Free Space | 82,60% Space Free | Partition Type: NTFS
Computer Name: AS-PC | User Name: Pati | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Pati\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
PRC - C:\ExpressGateUtil\VAWinService.exe ()
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
========== Services (SafeList) ==========
SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (KSS) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
SRV - (VideAceWindowsService) -- C:\ExpressGateUtil\VAWinService.exe ()
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
========== Driver Services (SafeList) ==========
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman273) -- C:\Windows\SysNative\drivers\tdrpm273.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (FLxHCIc) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic)
DRV:64bit: - (FLxHCIh) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel® Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (AiCharger) -- C:\Windows\SysWOW64\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://ar.search.yah...}&fr=chr-comodo
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
FF - prefs.js..extensions.enabledAddons: copylinkurl%40bluelightdev.com:1.5
FF - prefs.js..extensions.enabledAddons: properties%40darktrojan.net:7
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7Bd09e32df-8610-4b33-b929-1e631b764130%7D:0.5.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: status4evar%40caligonstudios.com:2012.07.08.17
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.3
FF - prefs.js..extensions.enabledAddons: %7B4BBDD651-70CF-4821-84F8-2B918CF89CA3%7D:7.0.3.5
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7B5FF97DB7-2EF7-4a7f-8E36-5214B5C5C65A%7D:6
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.01
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.2.2rc3
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledItems: [email protected]:6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20111107
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - prefs.js..extensions.enabledItems: {E4091D66-127C-11DB-903A-DE80D2EFDFE8}:1.6.5.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.8.0.5
FF - prefs.js..extensions.enabledItems: {038dc421-b19e-4711-a218-1fd10de9163b}:1.0.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.67
FF - prefs.js..extensions.enabledItems: {a3a5c777-f583-4fef-9380-ab4add1bc2a8}:2.0.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.6
FF - prefs.js..extensions.enabledItems: {C8E400E3-44BC-4e78-8C17-8C48E74C67F4}:3.6
FF - prefs.js..keyword.URL: "http://ar.search.yah...ytff-comodo&p="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/02 12:21:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012/12/02 12:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\Extensions
[2012/12/08 15:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions
[2012/12/02 12:27:18 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2012/12/02 13:02:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/12/01 18:38:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/12/05 19:55:05 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/12/06 16:05:14 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\Pati\AppData\Roaming\mozilla\Firefox\Profiles\myodazhg.default\extensions\[email protected]
[2012/04/13 23:34:47 | 000,012,755 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/06/22 12:41:25 | 000,008,010 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/07/31 22:18:37 | 000,146,901 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/06/22 11:55:20 | 000,097,400 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/12/02 16:13:25 | 000,163,080 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]
[2012/07/31 22:10:46 | 001,675,213 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}.xpi
[2012/08/02 22:08:20 | 002,227,573 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{5FF97DB7-2EF7-4a7f-8E36-5214B5C5C65A}.xpi
[2012/12/04 22:23:46 | 000,531,070 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/04/13 23:45:28 | 000,088,719 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012/08/01 11:38:45 | 002,831,746 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{C8E400E3-44BC-4e78-8C17-8C48E74C67F4}.xpi
[2012/06/22 12:52:23 | 000,029,829 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{d09e32df-8610-4b33-b929-1e631b764130}.xpi
[2012/07/31 22:11:48 | 001,669,514 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{ded0fc70-7215-4802-afeb-b2982d3e7225}.xpi
[2012/11/20 21:42:49 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/12/05 12:11:56 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Pati\AppData\Roaming\mozilla\firefox\profiles\myodazhg.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2012/12/02 12:21:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/11/29 05:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/29 07:20:17 | 000,004,293 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
[2012/11/29 07:20:17 | 000,002,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-ar.xml
[2012/11/29 07:20:17 | 000,001,391 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
[2012/11/29 07:20:17 | 000,001,037 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-ar.xml
O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKCU..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O13 64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.49.130.23 200.49.130.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5E61161-68EB-4A85-BE4A-7E80004C6B47}: DhcpNameServer = 200.49.130.23 200.49.130.22
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk - - File not found
MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
MsConfig:64bit - StartUpReg: ASUSWebStorage - hkey= - key= - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
MsConfig:64bit - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig:64bit - StartUpReg: COMODO - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: CPA - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: RemoteControl10 - hkey= - key= - C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: SDTray - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
MsConfig:64bit - StartUpReg: Servicio de Acronis Scheduler2 - hkey= - key= - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
MsConfig:64bit - StartUpReg: SessionLogon - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: TrueImageMonitor.exe - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
MsConfig:64bit - StartUpReg: UpdatePSTShortCut - hkey= - key= - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: VAWinAgent - hkey= - key= - C:\ExpressGateUtil\VAWinAgent.exe ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/12/11 09:52:23 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Pati\Desktop\tdsskiller.exe
[2012/12/11 09:45:16 | 005,011,065 | ---- | C] (Swearware) -- C:\Users\Pati\Desktop\ComboFix.exe
[2012/12/10 19:11:48 | 002,712,200 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Pati\Desktop\procexp.exe
[2012/12/10 14:55:24 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2012/12/10 14:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/12/10 14:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2012/12/10 14:02:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pati\Desktop\OTL.exe
[2012/12/10 13:37:26 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/12/10 13:35:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012/12/10 13:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012/12/09 14:50:27 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\TechSmith
[2012/12/09 14:43:23 | 000,000,000 | ---D | C] -- C:\Users\Pati\Documents\SnagIt Catalog
[2012/12/08 18:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2012/12/08 18:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2012/12/08 16:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2012/12/08 15:21:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/12/08 11:23:02 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/12/08 10:16:15 | 000,000,000 | ---D | C] -- C:\Symbols
[2012/12/07 22:08:31 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\SSW
[2012/12/07 22:08:28 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SSW Diagnostics 5.52
[2012/12/07 22:07:26 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Deployment
[2012/12/06 01:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/12/06 01:16:23 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2012/12/06 01:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2012/12/05 23:21:00 | 000,000,000 | ---D | C] -- C:\Users\Pati\Desktop\RK_Quarantine
[2012/12/05 19:56:17 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\QuickScan
[2012/12/05 19:12:58 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2012/12/05 17:26:27 | 000,000,000 | ---D | C] -- C:\Make_PE3
[2012/12/05 15:12:47 | 000,000,000 | ---D | C] -- C:\Users\Pati\Documents\ProcAlyzer Dumps
[2012/12/05 14:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/12/05 14:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012/12/05 14:42:44 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2012/12/05 14:42:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012/12/05 14:40:12 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Programs
[2012/12/05 14:20:39 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Malwarebytes
[2012/12/05 14:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/05 14:20:18 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/05 14:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/12/04 20:55:45 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/12/04 20:55:45 | 002,428,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/12/04 20:55:45 | 000,831,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/12/04 20:36:17 | 000,000,000 | ---D | C] -- C:\prueba
[2012/12/04 18:58:54 | 000,000,000 | ---D | C] -- C:\Users\Pati\SystemRequirementsLab
[2012/12/04 18:24:45 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\WinRAR
[2012/12/04 15:55:23 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\CrashDumps
[2012/12/04 15:46:43 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\mkvtoolnix
[2012/12/04 15:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
[2012/12/04 15:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKVToolNix
[2012/12/04 15:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/12/04 15:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/12/04 13:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rixane Interactive
[2012/12/04 01:19:21 | 000,000,000 | ---D | C] -- C:\JDownloader
[2012/12/04 01:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/12/04 01:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/12/04 01:15:22 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/12/04 01:15:22 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/12/04 01:15:22 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/12/04 01:15:16 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/12/04 01:15:16 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/12/04 01:15:16 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/12/04 01:15:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/12/03 23:40:49 | 000,000,000 | ---D | C] -- C:\descargas
[2012/12/03 23:37:39 | 000,000,000 | ---D | C] -- C:\uTorrent 2.2.1
[2012/12/03 23:33:34 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\uTorrent
[2012/12/03 19:50:00 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Macromedia
[2012/12/03 19:49:19 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/03 19:49:19 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/03 19:49:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/12/03 19:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/12/03 19:12:00 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Apps
[2012/12/03 15:39:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012/12/02 23:00:21 | 000,000,000 | ---D | C] -- C:\iconos sistema
[2012/12/02 22:58:48 | 000,000,000 | ---D | C] -- C:\Windows\Amazing Bubbles 3D
[2012/12/02 19:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012/12/02 19:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2012/12/02 19:32:13 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012/12/02 19:32:13 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012/12/02 19:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/12/02 18:55:10 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Ashampoo
[2012/12/02 18:54:35 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\ashampoo
[2012/12/02 18:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012/12/02 18:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2012/12/02 18:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2012/12/02 18:27:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\[bleep] NFO Viewer
[2012/12/02 18:12:46 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Diagnostics
[2012/12/02 17:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Catalog Expert
[2012/12/02 17:28:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD Catalog Expert
[2012/12/02 16:49:42 | 000,000,000 | ---D | C] -- C:\Archivos de programa
[2012/12/02 16:47:11 | 000,000,000 | R--D | C] -- C:\juegos
[2012/12/02 16:46:32 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssflwbox.scr
[2012/12/02 16:46:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssbezier.scr
[2012/12/02 16:46:32 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssstars.scr
[2012/12/02 15:34:25 | 000,000,000 | ---D | C] -- C:\recuperacion
[2012/12/02 15:07:03 | 000,000,000 | ---D | C] -- C:\eSupport
[2012/12/02 15:05:22 | 000,000,000 | ---D | C] -- C:\WIMAPPLY
[2012/12/02 14:45:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/12/02 14:42:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012/12/02 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\SolSuite
[2012/12/02 14:40:35 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
[2012/12/02 14:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
[2012/12/02 14:40:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SolSuite
[2012/12/02 14:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
[2012/12/02 14:32:59 | 000,285,280 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2012/12/02 14:32:57 | 001,263,200 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm273.sys
[2012/12/02 14:32:55 | 000,970,336 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012/12/02 14:32:52 | 000,277,088 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2012/12/02 14:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2012/12/02 14:32:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2012/12/02 14:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis
[2012/12/02 14:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\USBChargerPlus
[2012/12/02 14:31:08 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Acronis
[2012/12/02 14:31:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2012/12/02 14:29:39 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2012/12/02 14:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
[2012/12/02 14:26:10 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\CyberLink
[2012/12/02 14:26:01 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Cyberlink
[2012/12/02 14:25:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012/12/02 14:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/12/02 14:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/12/02 14:24:55 | 000,000,000 | -H-D | C] -- C:\ExpressGateUtil
[2012/12/02 14:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/12/02 14:23:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Music Maker
[2012/12/02 14:23:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ASUS Music Maker
[2012/12/02 14:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS Music Maker
[2012/12/02 14:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS Music Maker
[2012/12/02 14:23:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2012/12/02 14:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012/12/02 14:22:58 | 000,016,768 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysNative\drivers\AiCharger.sys
[2012/12/02 14:22:55 | 000,379,520 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\FBAgent.exe
[2012/12/02 14:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2012/12/02 14:22:45 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2012/12/02 14:22:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ASUS_Screensaver dir
[2012/12/02 14:22:42 | 003,058,304 | ---- | C] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/12/02 14:22:41 | 000,155,648 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\ACEngSvr.exe
[2012/12/02 14:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\P4G
[2012/12/02 14:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\P4G
[2012/12/02 14:21:59 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2012/12/02 14:21:56 | 002,769,920 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012/12/02 14:21:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
[2012/12/02 14:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
[2012/12/02 14:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012/12/02 14:21:02 | 000,428,136 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012/12/02 14:21:02 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012/12/02 14:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virage Logic, Corp
[2012/12/02 14:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2012/12/02 14:20:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/12/02 14:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/12/02 14:20:34 | 003,209,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/12/02 14:20:34 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/12/02 14:20:34 | 002,519,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/12/02 14:20:34 | 001,881,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/12/02 14:20:34 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/12/02 14:20:34 | 001,510,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012/12/02 14:20:34 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/12/02 14:20:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/12/02 14:20:34 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/12/02 14:20:34 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/12/02 14:20:34 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/12/02 14:20:34 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/12/02 14:20:34 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012/12/02 14:20:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/12/02 14:20:34 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/12/02 14:20:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/12/02 14:20:34 | 000,180,048 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFProc64.dll
[2012/12/02 14:20:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/12/02 14:20:34 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/12/02 14:20:34 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/12/02 14:20:34 | 000,098,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2012/12/02 14:20:34 | 000,086,352 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFComm64.dll
[2012/12/02 14:20:34 | 000,083,792 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFSAPO64.dll
[2012/12/02 14:20:34 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFHAPO64.dll
[2012/12/02 14:20:34 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFDAPO64.dll
[2012/12/02 14:20:34 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012/12/02 14:20:34 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012/12/02 14:20:34 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/12/02 14:20:34 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012/12/02 14:20:33 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/12/02 14:20:33 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/12/02 14:20:32 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/12/02 14:20:32 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012/12/02 14:20:32 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012/12/02 14:20:32 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012/12/02 14:20:32 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012/12/02 14:20:32 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012/12/02 14:20:32 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012/12/02 14:20:32 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012/12/02 14:20:32 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012/12/02 14:20:32 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012/12/02 14:20:32 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012/12/02 14:20:32 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012/12/02 14:20:32 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/12/02 14:20:32 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/12/02 14:20:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012/12/02 14:20:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/12/02 14:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/12/02 14:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012/12/02 14:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/12/02 14:19:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2012/12/02 14:19:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2012/12/02 14:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2012/12/02 14:18:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2012/12/02 14:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012/12/02 14:18:18 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2012/12/02 14:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Fresco Logic
[2012/12/02 14:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/12/02 14:17:55 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/12/02 14:17:54 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/12/02 14:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/12/02 14:17:34 | 006,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/12/02 14:17:34 | 003,293,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/12/02 14:17:34 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/12/02 14:17:34 | 000,866,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2012/12/02 14:17:34 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/12/02 14:17:34 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/12/02 14:17:34 | 000,055,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2012/12/02 14:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/12/02 14:17:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/12/02 14:17:08 | 001,760,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/12/02 14:17:08 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012/12/02 14:17:08 | 000,973,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/12/02 14:17:08 | 000,371,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoptimusmft.dll
[2012/12/02 14:17:08 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/12/02 14:17:08 | 000,330,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoptimusmft.dll
[2012/12/02 14:17:08 | 000,301,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/12/02 14:17:08 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/12/02 14:17:08 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/12/02 14:17:07 | 002,731,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/12/02 14:17:07 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/12/02 14:17:07 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/12/02 14:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/12/02 14:16:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/12/02 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/12/02 14:16:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012/12/02 14:16:13 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/12/02 14:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/12/02 14:16:09 | 000,000,000 | ---D | C] -- C:\Intel
[2012/12/02 14:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2012/12/02 14:13:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2012/12/02 14:11:25 | 000,000,000 | ---D | C] -- C:\Windows\softwaredistribution.bak
[2012/12/02 14:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2012/12/02 14:07:54 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/12/02 13:11:38 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/12/02 13:11:38 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/12/02 13:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/12/02 13:11:37 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/12/02 13:11:37 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/12/02 13:11:37 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/12/02 13:11:32 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/12/02 13:11:32 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/12/02 13:11:12 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/12/02 13:11:12 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/12/02 13:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/12/02 13:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/12/02 12:53:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/12/02 12:53:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/12/02 12:52:57 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/12/02 12:52:57 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/12/02 12:52:56 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/12/02 12:52:56 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/12/02 12:43:45 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\ElevatedDiagnostics
[2012/12/02 12:43:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/12/02 12:22:46 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/12/02 12:22:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/12/02 12:21:19 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Mozilla
[2012/12/02 12:21:19 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Mozilla
[2012/12/02 12:21:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/12/02 12:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/12/02 12:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/12/02 12:17:47 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Macromedia
[2012/12/02 12:17:46 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Adobe
[2012/12/02 12:13:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/12/02 12:13:07 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/12/02 12:13:06 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/12/02 12:13:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/12/02 12:13:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/12/02 12:13:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/12/02 12:13:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/12/02 12:13:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/12/02 12:13:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/12/02 12:13:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/12/02 12:13:05 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/12/02 12:13:05 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/12/02 12:13:05 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/12/02 12:13:05 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/12/02 12:13:05 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/12/02 12:08:22 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/12/02 12:08:22 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/12/02 12:08:22 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/12/02 12:08:22 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/12/02 12:03:30 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/12/02 12:03:30 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/12/02 11:48:40 | 000,000,000 | ---D | C] -- C:\Portable Snagit 8.0.2
[2012/12/02 11:48:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\GHISLER
[2012/12/02 11:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy CD-DA Extractor 9.1
[2012/12/02 11:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy CD-DA Extractor 9
[2012/12/02 11:43:33 | 000,000,000 | ---D | C] -- C:\Windows\Easy CD-DA Extractor
[2012/12/02 11:36:18 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Zeon
[2012/12/02 11:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Reader
[2012/12/02 11:24:48 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/12/02 11:24:48 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/12/02 11:21:32 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/12/02 11:21:32 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/12/02 11:21:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/12/02 11:21:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/12/02 11:21:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/12/02 11:21:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/12/02 11:21:31 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/12/02 11:21:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/12/02 11:21:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/12/02 11:21:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/12/02 11:21:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/12/02 11:21:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/12/02 11:21:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/12/02 11:21:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/12/02 11:21:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/12/02 11:21:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/12/02 11:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/12/02 11:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/12/02 11:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/12/02 11:21:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/12/02 11:20:54 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/12/02 11:20:54 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/12/02 11:20:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/12/02 11:19:23 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/12/02 11:19:23 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/12/02 11:19:23 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/12/02 11:19:23 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/12/02 11:18:36 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/12/02 11:18:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/12/02 11:18:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/12/02 11:17:05 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2012/12/02 11:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2012/12/02 11:16:55 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\Pcdlib32.dll
[2012/12/02 11:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ACDSee32
[2012/12/02 11:16:17 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/12/02 11:15:50 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/12/02 11:15:49 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/12/02 11:15:49 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/12/02 11:15:49 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/12/02 11:15:06 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/12/02 11:15:06 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/12/02 11:15:06 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/12/02 11:15:06 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/12/02 11:15:06 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/12/02 11:15:06 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/12/02 11:15:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/12/02 11:15:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/12/02 11:15:01 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/12/02 11:14:59 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/12/02 11:14:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/12/02 11:14:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/12/02 11:14:57 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/12/02 11:14:57 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/12/02 11:14:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/12/02 11:14:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/12/02 11:14:54 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/12/02 11:14:53 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/12/02 11:14:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/12/02 11:14:52 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/12/02 11:14:52 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/12/02 11:14:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/12/02 11:14:51 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/12/02 11:14:51 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/12/02 11:14:51 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/12/02 11:14:51 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/12/02 11:14:50 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/12/02 11:14:50 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/12/02 11:14:50 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/12/02 11:14:49 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/12/02 11:14:48 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/12/02 11:14:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/12/02 11:14:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/12/02 11:14:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/12/02 11:14:47 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/12/02 11:14:47 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/12/02 11:14:46 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/12/02 11:14:46 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/12/02 11:14:46 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/12/02 11:14:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/12/02 11:14:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012/12/02 11:13:14 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/12/02 11:13:14 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/12/02 11:13:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/12/02 11:13:13 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/12/02 11:13:12 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/12/02 11:11:10 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\ASUS WebStorage
[2012/12/02 11:09:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/12/02 11:09:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/12/02 11:07:53 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/12/02 11:07:53 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/12/02 11:02:32 | 002,770,944 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/12/02 11:00:53 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/12/02 11:00:53 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/12/02 11:00:52 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/12/02 11:00:44 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/12/02 11:00:44 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/12/02 11:00:43 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/12/02 11:00:37 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/12/02 11:00:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/12/02 10:50:58 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Power2Go
[2012/12/02 10:49:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\BMExplorer
[2012/12/02 10:49:40 | 000,000,000 | ---D | C] -- C:\Users\Pati\Documents\Bluetooth Folder
[2012/12/02 10:49:29 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Atheros
[2012/12/02 10:48:28 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/12/02 10:48:28 | 000,000,000 | R--D | C] -- C:\Users\Pati\Searches
[2012/12/02 10:48:28 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/12/02 10:48:21 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Identities
[2012/12/02 10:48:19 | 000,000,000 | R--D | C] -- C:\Users\Pati\Contacts
[2012/12/02 10:48:04 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\ASUS
[2012/12/02 10:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/12/02 10:47:47 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\VirtualStore
[2012/12/02 10:47:38 | 000,000,000 | --SD | C] -- C:\Users\Pati\AppData\Roaming\Microsoft
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Videos
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Saved Games
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Pictures
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Music
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Links
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Favorites
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Downloads
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Documents
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\Desktop
[2012/12/02 10:47:38 | 000,000,000 | R--D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\SendTo
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Reciente
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Plantillas
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Documents\Mis vídeos
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Documents\Mis imágenes
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Mis documentos
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Documents\Mi música
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Menú Inicio
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Impresoras
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\AppData\Local\Historial
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Entorno de red
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Datos de programa
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\AppData\Local\Datos de programa
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Cookies
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\Configuración local
[2012/12/02 10:47:38 | 000,000,000 | -HSD | C] -- C:\Users\Pati\AppData\Local\Archivos temporales de Internet
[2012/12/02 10:47:38 | 000,000,000 | -H-D | C] -- C:\Users\Pati\AppData
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Temp
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Local\Microsoft
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Media Center Programs
[2012/12/02 10:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
========== Files - Modified Within 30 Days ==========
[2012/12/11 11:41:59 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/11 11:41:59 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/11 11:17:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/11 09:52:33 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Pati\Desktop\tdsskiller.exe
[2012/12/11 09:46:00 | 005,011,065 | ---- | M] (Swearware) -- C:\Users\Pati\Desktop\ComboFix.exe
[2012/12/11 09:18:43 | 000,003,656 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/12/11 09:18:16 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/12/11 09:17:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/11 09:17:39 | 2609,688,574 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/10 19:14:44 | 000,061,440 | ---- | M] ( ) -- C:\Users\Pati\Desktop\VEW.exe
[2012/12/10 19:12:33 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Pati\Desktop\procexp.exe
[2012/12/10 14:55:19 | 000,001,079 | ---- | M] () -- C:\Users\Pati\Desktop\Kaspersky Security Scan.lnk
[2012/12/10 13:37:59 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012/12/10 09:06:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pati\Desktop\OTL.exe
[2012/12/08 18:13:49 | 000,001,738 | ---- | M] () -- C:\Users\Pati\Desktop\PeerBlock.lnk
[2012/12/08 16:19:11 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2012/12/08 14:01:22 | 001,701,346 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/08 14:01:22 | 000,756,898 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012/12/08 14:01:22 | 000,663,560 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/08 14:01:22 | 000,161,706 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012/12/08 14:01:22 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/06 09:29:55 | 000,001,368 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/12/06 01:16:24 | 000,001,081 | ---- | M] () -- C:\Users\Pati\Desktop\SpywareBlaster.lnk
[2012/12/05 19:12:58 | 000,002,514 | ---- | M] () -- C:\Users\Pati\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012/12/05 19:05:01 | 000,001,085 | ---- | M] () -- C:\Users\Pati\Desktop\Phenomenon. La Ciudad del Cian_.exe - Acceso directo.lnk
[2012/12/05 19:04:52 | 000,002,008 | ---- | M] () -- C:\Users\Pati\Desktop\jugar amazingadventuresthecaribbeansecrettm.exe - Acceso directo.lnk
[2012/12/05 14:42:49 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/12/05 14:20:19 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/04 22:40:53 | 000,007,626 | ---- | M] () -- C:\Users\Pati\AppData\Local\Resmon.ResmonCfg
[2012/12/04 20:29:30 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/12/04 20:29:30 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/12/04 18:24:44 | 3252,027,392 | R--- | M] () -- C:\X17-58859.iso
[2012/12/04 15:55:53 | 000,001,860 | ---- | M] () -- C:\Users\Pati\Desktop\burningstudio8.lnk
[2012/12/04 15:37:18 | 000,001,864 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012/12/04 15:15:50 | 000,001,124 | ---- | M] () -- C:\Users\Pati\Desktop\7zFM.exe - Acceso directo.lnk
[2012/12/04 13:58:35 | 000,000,893 | ---- | M] () -- C:\Users\Pati\Desktop\Amazing Bubbles 3D Screensaver.lnk
[2012/12/04 13:17:25 | 000,002,140 | ---- | M] () -- C:\Users\Pati\Desktop\IrfanViewPortable.lnk
[2012/12/04 13:14:30 | 000,001,819 | ---- | M] () -- C:\Users\Pati\Desktop\ACDSee 32.lnk
[2012/12/04 01:23:55 | 000,001,598 | ---- | M] () -- C:\Users\Pati\Desktop\JDownloader.lnk
[2012/12/04 01:15:12 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/12/04 01:15:11 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/12/04 01:15:11 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/12/04 01:15:11 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/12/04 01:15:11 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/12/04 01:15:11 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/12/03 23:37:39 | 000,000,616 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent 2.2.1.lnk
[2012/12/03 20:17:27 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/03 20:17:27 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/02 23:22:46 | 000,001,929 | ---- | M] () -- C:\Users\Pati\Desktop\KMPlayer.lnk
[2012/12/02 19:33:58 | 000,000,272 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012/12/02 19:32:17 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/12/02 19:32:13 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012/12/02 19:32:13 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012/12/02 19:08:20 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/02 18:23:28 | 000,001,511 | ---- | M] () -- C:\Users\Pati\Desktop\Total Commander.lnk
[2012/12/02 17:28:45 | 000,000,959 | ---- | M] () -- C:\Users\Pati\Desktop\CD Catalog Expert.lnk
[2012/12/02 15:44:46 | 000,001,160 | ---- | M] () -- C:\Users\Pati\Desktop\IPE - Acceso directo.lnk
[2012/12/02 14:44:14 | 000,192,264 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/12/02 14:44:14 | 000,192,264 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/12/02 14:43:27 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2012/12/02 14:40:35 | 000,000,945 | ---- | M] () -- C:\Users\Pati\Desktop\SolSuite.lnk
[2012/12/02 14:32:59 | 000,285,280 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2012/12/02 14:32:57 | 001,263,200 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm273.sys
[2012/12/02 14:32:55 | 000,970,336 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012/12/02 14:32:52 | 000,277,088 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2012/12/02 14:32:47 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
[2012/12/02 14:32:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_N53SM_V20_WIN7.MRK
[2012/12/02 14:29:37 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2012/12/02 14:23:46 | 000,001,065 | ---- | M] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
[2012/12/02 14:23:33 | 000,000,716 | ---- | M] () -- C:\Users\Public\Desktop\eManual.Lnk
[2012/12/02 14:22:45 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2012/12/02 14:22:43 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/12/02 14:20:20 | 000,019,194 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012/12/02 14:18:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012/12/02 14:15:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/12/02 14:14:27 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin
[2012/12/02 14:14:27 | 000,001,242 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x01.dfu
[2012/12/02 14:14:27 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x02.dfu
[2012/12/02 14:14:27 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40.dfu
[2012/12/02 14:14:27 | 000,001,198 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26.dfu
[2012/12/02 13:11:38 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/12/02 13:11:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/12/02 12:36:22 | 000,358,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/02 12:28:01 | 004,465,036 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/02 12:21:14 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/02 11:49:22 | 000,001,285 | ---- | M] () -- C:\Users\Pati\Desktop\SnagIt32.lnk
[2012/12/02 11:43:34 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2012/12/02 11:01:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SM.alu
[2012/12/02 10:47:16 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
========== Files Created - No Company Name ==========
[2012/12/10 19:14:43 | 000,061,440 | ---- | C] ( ) -- C:\Users\Pati\Desktop\VEW.exe
[2012/12/10 14:55:24 | 000,001,079 | ---- | C] () -- C:\Users\Pati\Desktop\Kaspersky Security Scan.lnk
[2012/12/10 13:37:59 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012/12/08 18:13:49 | 000,001,738 | ---- | C] () -- C:\Users\Pati\Desktop\PeerBlock.lnk
[2012/12/08 16:19:11 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2012/12/06 01:16:24 | 000,001,081 | ---- | C] () -- C:\Users\Pati\Desktop\SpywareBlaster.lnk
[2012/12/05 19:12:58 | 000,002,514 | ---- | C] () -- C:\Users\Pati\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012/12/05 19:05:01 | 000,001,085 | ---- | C] () -- C:\Users\Pati\Desktop\Phenomenon. La Ciudad del Cian_.exe - Acceso directo.lnk
[2012/12/05 19:04:52 | 000,002,008 | ---- | C] () -- C:\Users\Pati\Desktop\jugar amazingadventuresthecaribbeansecrettm.exe - Acceso directo.lnk
[2012/12/05 14:42:49 | 000,002,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012/12/05 14:42:49 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/12/05 14:20:19 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/04 22:40:53 | 000,007,626 | ---- | C] () -- C:\Users\Pati\AppData\Local\Resmon.ResmonCfg
[2012/12/04 20:28:32 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/12/04 20:28:32 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/12/04 15:55:53 | 000,001,860 | ---- | C] () -- C:\Users\Pati\Desktop\burningstudio8.lnk
[2012/12/04 15:37:18 | 000,001,864 | ---- | C] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012/12/04 15:17:32 | 3252,027,392 | R--- | C] () -- C:\X17-58859.iso
[2012/12/04 15:15:50 | 000,001,124 | ---- | C] () -- C:\Users\Pati\Desktop\7zFM.exe - Acceso directo.lnk
[2012/12/04 13:58:35 | 001,122,304 | ---- | C] () -- C:\Windows\SysWow64\Amazing_Bubbles_3D.scr
[2012/12/04 13:58:35 | 000,000,893 | ---- | C] () -- C:\Users\Pati\Desktop\Amazing Bubbles 3D Screensaver.lnk
[2012/12/04 13:58:35 | 000,000,081 | ---- | C] () -- C:\Windows\amazing-bubbles-3D-homepage.url
[2012/12/04 12:10:04 | 000,000,046 | ---- | C] () -- C:\Windows\rixane-screensavers.url
[2012/12/04 01:23:55 | 000,001,598 | ---- | C] () -- C:\Users\Pati\Desktop\JDownloader.lnk
[2012/12/04 01:23:49 | 000,001,562 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012/12/04 01:23:49 | 000,001,506 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012/12/04 01:23:49 | 000,001,485 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012/12/03 23:37:39 | 000,000,616 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent 2.2.1.lnk
[2012/12/03 19:49:20 | 000,000,838 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/02 23:28:27 | 000,002,140 | ---- | C] () -- C:\Users\Pati\Desktop\IrfanViewPortable.lnk
[2012/12/02 19:33:58 | 000,000,272 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012/12/02 19:32:17 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/12/02 19:08:20 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/02 17:28:45 | 000,000,959 | ---- | C] () -- C:\Users\Pati\Desktop\CD Catalog Expert.lnk
[2012/12/02 16:53:35 | 000,072,448 | ---- | C] () -- C:\Windows\SysWow64\MYICONS.DLL
[2012/12/02 15:44:46 | 000,001,160 | ---- | C] () -- C:\Users\Pati\Desktop\IPE - Acceso directo.lnk
[2012/12/02 14:43:27 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2012/12/02 14:40:35 | 000,000,957 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite.lnk
[2012/12/02 14:40:35 | 000,000,945 | ---- | C] () -- C:\Users\Pati\Desktop\SolSuite.lnk
[2012/12/02 14:32:47 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
[2012/12/02 14:32:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_N53SM_V20_WIN7.MRK
[2012/12/02 14:32:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/12/02 14:23:33 | 000,000,716 | ---- | C] () -- C:\Users\Public\Desktop\eManual.Lnk
[2012/12/02 14:22:55 | 000,003,656 | ---- | C] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/12/02 14:22:55 | 000,001,368 | ---- | C] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/12/02 14:22:55 | 000,000,105 | ---- | C] () -- C:\Windows\SysNative\FastBoot.ini
[2012/12/02 14:22:55 | 000,000,080 | ---- | C] () -- C:\Windows\SysNative\Defrag.ini
[2012/12/02 14:22:55 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\RemoveFont.ini
[2012/12/02 14:22:55 | 000,000,015 | ---- | C] () -- C:\Windows\SysNative\BootTime.ini
[2012/12/02 14:22:36 | 000,003,116 | ---- | C] () -- C:\Windows\SysNative\wimfltr.inf
[2012/12/02 14:22:00 | 000,001,929 | ---- | C] () -- C:\Users\Pati\Desktop\KMPlayer.lnk
[2012/12/02 14:21:56 | 000,443,274 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012/12/02 14:21:56 | 000,068,275 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2012/12/02 14:21:35 | 000,001,083 | ---- | C] () -- C:\setup.iss
[2012/12/02 14:21:02 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012/12/02 14:20:20 | 000,019,194 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012/12/02 14:18:19 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2012/12/02 14:18:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012/12/02 14:18:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/12/02 14:17:34 | 003,536,817 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/12/02 14:17:08 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/12/02 14:15:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/12/02 14:07:55 | 2609,688,574 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/02 13:11:38 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/12/02 13:11:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/12/02 12:22:46 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/02 12:21:14 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/12/02 12:21:14 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/02 12:08:22 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/02 11:49:22 | 000,001,285 | ---- | C] () -- C:\Users\Pati\Desktop\SnagIt32.lnk
[2012/12/02 11:43:34 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\Easy CD-DA Extractor.lnk
[2012/12/02 11:17:05 | 000,001,819 | ---- | C] () -- C:\Users\Pati\Desktop\ACDSee 32.lnk
[2012/12/02 11:14:40 | 000,001,511 | ---- | C] () -- C:\Users\Pati\Desktop\Total Commander.lnk
[2012/12/02 11:01:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SM.alu
[2012/12/02 10:49:34 | 000,001,065 | ---- | C] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
[2012/12/02 10:49:21 | 000,001,395 | ---- | C] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/12/02 10:48:35 | 000,001,429 | ---- | C] () -- C:\Users\Pati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2011/11/03 09:46:43 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/11/03 09:46:40 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/11/03 09:46:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/10/18 01:17:57 | 004,465,036 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ==========
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/12/02 14:57:27 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Acronis
[2012/12/02 18:55:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Ashampoo
[2012/12/02 11:11:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\ASUS WebStorage
[2012/12/04 15:46:43 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\mkvtoolnix
[2012/12/05 19:56:33 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\QuickScan
[2012/12/11 00:10:20 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SolSuite
[2012/12/07 22:08:31 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SSW
[2012/12/04 00:02:51 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\uTorrent
[2012/12/02 11:36:18 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Zeon
========== Purity Check ==========
========== Custom Scans ==========
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST9750420AS
Partitions: 2
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 25,00GB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 674,00GB
Starting Offset: 26844594176
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\assembly\GAC_32\*.ini >
< %systemroot%\assembly\GAC_64\*.ini >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*.exe >
< %APPDATA%\*. >
[2012/12/02 14:57:27 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Acronis
[2012/12/02 12:17:46 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Adobe
[2012/12/02 18:55:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Ashampoo
[2012/12/02 11:11:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\ASUS WebStorage
[2012/12/02 14:54:03 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Atheros
[2012/12/02 14:26:10 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\CyberLink
[2012/12/02 10:48:21 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Identities
[2012/12/02 12:17:47 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Macromedia
[2012/12/05 14:20:39 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Malwarebytes
[2009/07/14 04:44:38 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Media Center Programs
[2012/12/05 19:12:58 | 000,000,000 | --SD | M] -- C:\Users\Pati\AppData\Roaming\Microsoft
[2012/12/04 15:46:43 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\mkvtoolnix
[2012/12/02 12:21:27 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Mozilla
[2012/12/05 19:56:33 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\QuickScan
[2012/12/11 00:10:20 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SolSuite
[2012/12/07 22:08:31 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\SSW
[2012/12/04 00:02:51 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\uTorrent
[2012/12/04 18:24:45 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\WinRAR
[2012/12/02 11:36:18 | 000,000,000 | ---D | M] -- C:\Users\Pati\AppData\Roaming\Zeon
< MD5 for: ATAPI.SYS >
[2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2004/08/03 18:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\compartida\Patricia\backup drivers de mi anterior XP\Canal IDE principal\atapi.sys
[2004/08/03 18:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\compartida\Patricia\backup drivers de mi anterior XP\Canal IDE secundario\atapi.sys
< MD5 for: CSRSS.EXE >
[2009/07/13 22:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/13 22:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
< MD5 for: EXPLORER.EXE >
[2011/10/18 00:40:45 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/10/18 00:40:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 22:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/10/18 00:40:45 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011/10/18 00:40:45 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/10/18 00:40:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\explorer.exe
[2011/10/18 00:40:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/10/18 00:40:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/10/18 00:40:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 09:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/11/21 14:08:56 | 003,039,744 | ---- | M] (Microsoft Corporation) MD5=61174E79C6F5D6A7DE13F0791AD531C1 -- C:\recuperacion\Ultimate Windows Customizer\Tools\explorer.exe
[2008/03/26 15:40:00 | 000,188,928 | ---- | M] (Boa Software) MD5=7AB49E271927AF205197A9B4541FB9B5 -- C:\Make_PE3\PE3_mod\PE3_add\amd64\Program Files (x86)\BSExplorer\explorer.exe
[2008/03/26 15:40:00 | 000,188,928 | ---- | M] (Boa Software) MD5=7AB49E271927AF205197A9B4541FB9B5 -- C:\Make_PE3\PE3_mod\PE3_add\ia64\Program Files (x86)\BSExplorer\explorer.exe
[2008/03/26 15:40:00 | 000,188,928 | ---- | M] (Boa Software) MD5=7AB49E271927AF205197A9B4541FB9B5 -- C:\Make_PE3\PE3_mod\PE3_add\x86\Program Files\BSExplorer\explorer.exe
[2008/03/26 15:40:00 | 000,188,928 | ---- | M] (Boa Software) MD5=7AB49E271927AF205197A9B4541FB9B5 -- C:\Make_PE3\PE3_mod\PE3_add\x86_min\Program Files\BSExplorer\explorer.exe
[2011/10/18 00:40:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/10/18 00:40:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 10:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/07/13 22:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011/10/18 00:40:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2012/11/13 14:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) MD5=E4A0900CF535888DDD85B10040CA3E34 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
< MD5 for: MSWSOCK.DLL >
[2009/07/13 22:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
[2010/11/20 10:27:12 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\SysNative\mswsock.dll
[2010/11/20 10:27:12 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2010/11/20 09:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\SysWow64\mswsock.dll
[2010/11/20 09:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll
[2010/11/20 09:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
[2009/07/13 22:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll
< MD5 for: NAPINSP.DLL >
[2009/07/13 22:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/13 22:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/13 22:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\SysNative\NapiNSP.dll
[2009/07/13 22:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll
< MD5 for: NLAAPI.DLL >
[2009/07/13 22:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_cdcf91c058fc0e07\nlaapi.dll
[2012/01/13 04:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\SysWOW64\nlaapi.dll
[2012/01/13 04:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
[2010/11/20 09:20:32 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2012/10/03 13:29:27 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
[2010/11/20 10:27:24 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2012/10/03 14:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\SysNative\nlaapi.dll
[2012/10/03 14:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
[2009/07/13 22:41:52 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=86E3822A34D454032D8E88C72AE8CF2D -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_c37ae76e249b4c0c\nlaapi.dll
[2012/10/03 14:32:48 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll
< MD5 for: PNRPNSP.DLL >
[2009/07/13 22:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/13 22:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/13 22:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\SysNative\pnrpnsp.dll
[2009/07/13 22:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll
< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/13 22:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\SysNative\PrintIsolationHost.exe
[2009/07/13 22:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe
< MD5 for: SERVICES.EXE >
[2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\SysWow64\svchost.exe
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 22:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 22:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 09:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 09:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 22:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 22:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 10:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 10:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 10:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 10:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 22:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WINRNR.DLL >
[2009/07/13 22:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\System32\winrnr.dll
[2009/07/13 22:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\SysNative\winrnr.dll
[2009/07/13 22:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/13 22:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Make_PE3\PE3_mod\WIN7_add\amd64\Windows\SysWow64\winrnr.dll
[2009/07/13 22:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/13 22:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll
< MD5 for: WSHELPER.DLL >
[2009/07/13 22:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 22:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 22:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/13 22:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/03/28 20:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/03/28 20:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/03/28 20:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/10/08 05:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/10/08 05:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/11/29 07:20:43 | 000,891,072 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/11/29 05:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/03/28 20:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/03/28 20:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/03/28 20:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/10/08 05:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/10/08 05:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
========== Alternate Data Streams ==========
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:5C321E34
< End of report >
OTL Extras
OTL Extras logfile created on: 11/12/2012 11:43:54 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pati\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy
13,91 Gb Total Physical Memory | 10,94 Gb Available Physical Memory | 78,64% Memory free
27,81 Gb Paging File | 24,85 Gb Available in Paging File | 89,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,63 Gb Total Space | 556,44 Gb Free Space | 82,60% Space Free | Partition Type: NTFS
Computer Name: AS-PC | User Name: Pati | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [!ezcddaxa] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\convert.exe" "%1" ()
Directory [!ezcddaxb] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\burn.exe" "%1" ()
Directory [!ezcddaxc] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\burn2.exe" "%1" ()
Directory [Browse with ACDSee] -- C:\Program Files (x86)\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [!ezcddaxa] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\convert.exe" "%1" ()
Directory [!ezcddaxb] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\burn.exe" "%1" ()
Directory [!ezcddaxc] -- "C:\Program Files (x86)\Easy CD-DA Extractor 9\burn2.exe" "%1" ()
Directory [Browse with ACDSee] -- C:\Program Files (x86)\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024EEA64-8643-4FAA-9F00-9566CAAC616C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{07A99DB6-FEB6-432B-8B6A-F700E24B99BC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{080534B7-630B-45EA-A6D2-86A6B47998B3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E173E55-32CA-46BC-91D4-1F21F2121FAF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13C9294B-AAB7-4153-96DA-9C5E1563C95A}" = lport=445 | protocol=6 | dir=in | app=system |
"{28AC576E-4E6D-4C2D-A301-7B4A2E20CD5D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{42E4D0F8-9078-484A-95F1-DBC425DDF013}" = rport=445 | protocol=6 | dir=out | app=system |
"{52175624-7E3B-4B34-8F89-C3FB5F7B4B2D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52591004-973C-408D-AB52-E2EFC9759AC7}" = lport=139 | protocol=6 | dir=in | app=system |
"{5A6A2B11-632F-43E7-8111-433D3DA72ED6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6E93499A-7311-49D9-B1FD-6AB258ED908B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8112B3F3-D51F-401F-980B-AE858C6DE540}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8B9AE995-116D-478E-AE33-30E98C6E2CE9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9C844C59-8D9D-4680-AE47-5CFEFA89D465}" = rport=137 | protocol=17 | dir=out | app=system |
"{B4FED2C4-3196-41B6-8A90-39CD961AB2B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B808CC6D-352C-41FB-B885-6F5BEE565F0E}" = lport=138 | protocol=17 | dir=in | app=system |
"{C032DF9B-A8EB-462E-804D-F9CEA66AD631}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C1392BBD-0B1E-497C-91B7-B219FC8B60EA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C74CB7A8-7BBC-4A31-86F5-03E15B84A7CC}" = lport=137 | protocol=17 | dir=in | app=system |
"{E54E09B8-6585-40C8-9F2E-1F36FB79C5EA}" = rport=138 | protocol=17 | dir=out | app=system |
"{EFDE411F-D0AF-4331-98C8-625AEC235BB1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{F1C3E909-19A2-4A13-9284-721D2B7BC942}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F8FD9760-1AA8-4E72-8C96-911DDAF90CE0}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B43622-B695-4177-B106-078F52C7A669}" = protocol=1 | dir=out |
[email protected],-28544 |
"{07FBF696-47F2-428B-BF2D-03DBCB6A8314}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0BA1DF8D-748B-4E8D-BB48-5AA575CFC1C1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0DD33D1F-52DA-44F4-AB22-C7B5293C6A00}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{195329F7-49B7-47FA-BF4D-5FC738502C34}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1B9E6A9B-ADFC-4E3C-A94D-2F89F7837B11}" = protocol=6 | dir=in | app=c:\utorrent 2.2.1\utorrent.exe |
"{2F3AE42A-6A89-4AAA-9E0F-931CEDB6D183}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37C1ED74-FE1E-4E25-9C59-42141588DCFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{59C5723D-2024-4F38-A54D-EC80EA0E75EE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D35B4B5-6F4B-42BD-8C04-4A773CB9CCEA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{611ECEB5-5C53-4AAB-A9CA-11C0ADE8E713}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65616801-6C93-463B-AAB3-46A5DBB0F4A1}" = protocol=1 | dir=in |
[email protected],-28543 |
"{6663EB01-F5B6-435F-8A10-BD3207192DB9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{77C73DD5-D272-4802-8B62-9057CF1EDA50}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{7C4AD716-F6D9-4AAA-A8A3-1E5D258AAEBE}" = protocol=17 | dir=in | app=c:\utorrent 2.2.1\utorrent.exe |
"{7CCF7B3D-FEBE-4E97-8B28-49071C4A42C6}" = protocol=58 | dir=in |
[email protected],-28545 |
"{8195AD7A-C4EB-4E87-8AB6-437B00904B1C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{88FA2ED2-B7E2-43E0-A1CB-8C3BBDAE2729}" = protocol=58 | dir=out |
[email protected],-28546 |
"{91B7F724-C3EF-4EE2-9E8A-3AC484A74E07}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{9311E0C9-43C4-48F1-BFA3-46CC37CA7E24}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{94EAF6BE-AB07-407D-B860-AD37C0474C10}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6038932-DBEA-45B8-98FA-1B3B1DCB93C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8CB22FC-7290-4204-8E66-BA60DDA938E5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BF0F0FA6-8F7E-48A5-B40A-3F1AD3E9A295}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CD61D8F9-806C-4310-9BA9-5672E4A77718}" = protocol=6 | dir=out | app=system |
"{CFC1E08B-4C49-4063-8B89-B8B681942D4C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D27248F6-A72D-4A3D-8298-C483DD5C12C5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{01E66AC4-B28B-494C-993D-3CD17020BEBC}" = Fresco Logic USB3.0 Host Controller
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid
"{3CE222BA-66A6-4D18-BEE9-5D21C5798C3E}" = Windows Live Family Safety
"{3D7F836A-AE1F-4FA6-8DB9-4FE06697AB0A}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DDCFF78-6F91-438C-9567-C5CAA9D7F56C}" = Windows Live Family Safety
"{749BE6FF-815E-4F36-901B-7AC301B50330}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel de control de NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Controlador de gráficos 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software del sistema PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Actualización de NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E62381A7-B1C1-4121-8262-84D38C77786C}" = COMODO Internet Security
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.16_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E1FE502-7536-4155-BBC6-7BE8E465DE08}" = Firebird SQL Server - MAGIX Edition
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{46EA439E-2D16-49B6-AA80-00DE992FE7CE}" = Microsoft Windows Debugging Symbols
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68ADAEAA-DABD-45C1-9CC2-F995407549CD}" = Microsoft Windows Debugging Symbols
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DD47370C-E0F1-407F-9DB0-3FF98907F1BC}" = ASUS Music Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"ACDSee 32" = ACDSee 32
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazing Bubbles 3D_is1" = Amazing Bubbles 3D 1.4
"AmUStor" = Alcor Micro USB Card Reader
"Ashampoo Burning Studio 8_is1" = Ashampoo Burning Studio 8.09
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Screensaver" = ASUS_Screensaver
"avast" = avast! Free Antivirus
"CD Catalog Expert_is1" = CD Catalog Expert 9.23.7.1025
"Comodo Dragon" = Comodo Dragon
"Easy CD-DA Extractor 9.1.3" = Easy CD-DA Extractor 9.1.3
"Foxit Reader_is1" = Foxit Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"MAGIX_MSI_mm17_silver_asus" = ASUS Music Maker
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versión 1.65.1.1000
"MKVToolNix" = MKVToolNix 5.8.0
"Mozilla Firefox 17.0.1 (x86 es-AR)" = Mozilla Firefox 17.0.1 (x86 es-AR)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SolSuite" = SolSuite
"SpywareBlaster_is1" = SpywareBlaster 4.6
"The KMPlayer" = The KMPlayer (remove only)
"Total Commander 7.55" = Total Commander 7.55
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = Compresor WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"b42df5509af5850e" = SSW Diagnostics 5.52
========== Last 20 Event Log Errors ==========
[ Spybot - Search and Destroy Events ]
Error - 05/12/2012 14:11:33 | Computer Name = As-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
< End of report >
Thank you for taking the time to help me.
Edited by Paty, 11 December 2012 - 09:53 AM.