Hi, I tried to clean it up before you responded, but below are my logs that you requested. An Extras.txt file was not generated.
OTL logfile created on: 1/1/2013 11:24:39 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\CHINABOY\Desktop
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 32.90% Memory free
6.00 Gb Paging File | 3.80 Gb Available in Paging File | 63.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 286.86 Gb Total Space | 95.47 Gb Free Space | 33.28% Space Free | Partition Type: NTFS
Drive G: | 668.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF1.50
Drive I: | 930.86 Gb Total Space | 624.17 Gb Free Space | 67.05% Space Free | Partition Type: NTFS
Drive Q: | 9.77 Gb Total Space | 3.64 Gb Free Space | 37.30% Space Free | Partition Type: NTFS
Drive S: | 1.46 Gb Total Space | 0.52 Gb Free Space | 35.64% Space Free | Partition Type: NTFS
Computer Name: CHINABOY-LENOVO | User Name: CHINABOY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (All) ==========
PRC - [2013/01/01 11:19:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CHINABOY\Desktop\OTL.exe
PRC - [2012/12/21 22:01:00 | 028,538,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\CHINABOY\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/12/04 20:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Users\CHINABOY\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2012/11/29 18:06:06 | 000,701,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
PRC - [2012/11/09 23:23:32 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16455_none_062bdf1d989801d0\TiWorker.exe
PRC - [2012/11/07 23:45:20 | 000,770,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2012/10/26 12:17:52 | 000,079,384 | ---- | M] (Google) -- C:\Users\CHINABOY\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2012/10/23 10:10:40 | 001,084,328 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Password Manager\password_manager.exe
PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/21 12:50:26 | 000,057,704 | ---- | M] (Authentec Inc.) -- C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
PRC - [2012/09/20 19:44:06 | 000,186,248 | ---- | M] (Lenovo.) -- C:\Windows\System32\TpShocks.exe
PRC - [2012/09/07 08:09:02 | 000,366,480 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2012/09/07 08:08:50 | 000,272,272 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe
PRC - [2012/09/07 08:08:48 | 000,133,008 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2012/07/25 23:17:18 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2012/07/25 23:17:18 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2012/07/25 23:17:18 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2012/07/25 23:17:16 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
PRC - [2012/07/25 23:17:16 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2012/07/25 22:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012/07/25 22:31:20 | 000,023,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinStore\WSHost.exe
PRC - [2012/07/25 22:30:33 | 000,013,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2012/07/25 22:30:19 | 000,029,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2012/07/25 22:21:03 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWAHost.exe
PRC - [2012/07/25 22:21:03 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2012/07/25 22:21:02 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2012/07/25 22:21:02 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2012/07/25 22:21:02 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
PRC - [2012/07/25 22:21:01 | 000,411,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2012/07/25 22:21:01 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2012/07/25 22:20:59 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2012/07/25 22:20:59 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2012/07/25 22:20:59 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2012/07/25 22:20:58 | 000,496,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012/07/25 22:20:55 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2012/07/25 22:20:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
PRC - [2012/07/25 22:20:45 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2012/07/25 22:20:44 | 000,300,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/07/25 22:20:44 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2012/05/16 05:32:00 | 000,476,256 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\Utilities\PWMUIAux.EXE
PRC - [2012/05/16 05:32:00 | 000,128,608 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2012/04/17 18:20:54 | 002,326,288 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
PRC - [2012/04/17 18:20:36 | 000,498,960 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2012/04/17 18:20:32 | 000,107,792 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2012/03/08 11:19:40 | 000,104,208 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
PRC - [2012/03/01 10:35:18 | 000,509,448 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
PRC - [2011/11/04 15:37:16 | 000,330,304 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011/10/20 10:58:46 | 000,101,440 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
PRC - [2011/08/12 13:42:50 | 000,648,744 | R--- | M] (Ericsson AB) -- C:\Program Files\Mobile Broadband drivers\WMCore\mini_WMCore.exe
PRC - [2011/07/12 18:03:34 | 000,064,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe
PRC - [2011/07/12 16:54:02 | 000,127,336 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
PRC - [2011/07/12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011/07/12 10:20:50 | 000,387,944 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2011/06/22 05:57:14 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/06/19 07:22:21 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
PRC - [2011/06/10 12:47:26 | 001,033,528 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2011/05/25 13:06:20 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011/04/08 07:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2011/04/07 15:41:32 | 000,138,680 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2011/03/09 10:18:06 | 001,060,864 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2011/03/09 10:16:56 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2011/03/09 10:07:54 | 000,238,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2010/12/10 17:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010/12/10 17:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2010/11/17 15:38:50 | 000,628,080 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2010/04/22 23:16:46 | 000,128,296 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2010/04/22 23:16:04 | 001,725,736 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2010/04/22 23:16:04 | 000,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/28 16:47:00 | 000,319,488 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciCMService.exe
PRC - [2009/08/15 09:52:54 | 000,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/06/04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/04/15 16:00:42 | 000,208,896 | R--- | M] () -- C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe
PRC - [2009/04/15 15:41:22 | 000,315,392 | R--- | M] (Lenovo) -- C:\Program Files\Lenovo\ATK Hotkey\LFKA.exe
PRC - [2009/04/15 14:57:58 | 000,077,824 | R--- | M] (ATK0101) -- C:\Program Files\Lenovo\ATK Hotkey\LControl.exe
PRC - [2009/02/13 15:39:02 | 000,094,208 | R--- | M] () -- C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe
PRC - [2009/02/13 14:45:54 | 000,094,208 | R--- | M] () -- C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe
PRC - [2008/05/14 04:36:36 | 000,036,128 | ---- | M] (Lenovo) -- C:\Windows\System32\ibmpmsvc.exe
PRC - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/10/18 01:37:04 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\Drivers\XAudio.exe
PRC - [2007/09/28 15:21:42 | 000,162,280 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\SBITS\DDNIOEMService.exe
PRC - [2007/09/07 08:41:50 | 000,053,248 | R--- | M] (Utimaco Safeware AG) -- C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
PRC - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/09/12 23:00:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\Windows\System32\brss01a.exe
PRC - [2002/04/11 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\Windows\System32\brsvc01a.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/16 05:32:00 | 000,101,888 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWMROV.DLL
MOD - [2012/05/16 05:32:00 | 000,083,968 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2007/06/18 18:28:44 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL
MOD - [2007/03/09 18:16:52 | 000,106,496 | R--- | M] () -- C:\Program Files\Lenovo\ATK Hotkey\AGFNEX.dll
========== Services (SafeList) ==========
SRV - [2012/12/30 02:02:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/11/23 15:20:54 | 000,021,416 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2012/11/17 18:15:31 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/07 08:08:50 | 000,272,272 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2012/09/07 08:08:48 | 000,133,008 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2012/07/25 23:03:42 | 002,205,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 22:31:20 | 002,151,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2012/07/25 22:30:33 | 000,013,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2012/07/25 22:20:30 | 001,536,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2012/07/25 22:20:19 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2012/07/25 22:20:13 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2012/07/25 22:20:11 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2012/07/25 22:20:07 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2012/07/25 22:20:05 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 22:20:04 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2012/07/25 22:19:54 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2012/07/25 22:19:40 | 002,028,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2012/07/25 22:19:22 | 000,364,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2012/07/25 22:19:21 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2012/07/25 22:19:21 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2012/07/25 22:18:55 | 000,349,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2012/07/25 22:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012/07/25 22:18:28 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2012/07/25 22:18:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2012/07/25 22:18:18 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2012/07/25 22:18:13 | 000,261,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2012/07/25 22:18:01 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2012/07/25 22:17:58 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2012/07/25 22:17:58 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV - [2012/07/25 19:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2012/07/25 19:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2012/07/25 19:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2012/07/25 19:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2012/07/25 19:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2012/07/25 19:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2012/05/16 05:32:00 | 001,665,120 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2012/05/16 05:32:00 | 001,662,560 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2012/04/17 18:20:54 | 002,326,288 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012/04/17 18:20:42 | 000,241,936 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012/04/17 18:20:36 | 000,498,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012/04/17 18:20:32 | 000,107,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2012/04/13 17:09:02 | 005,259,048 | ---- | M] () [On_Demand | Stopped] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2012/03/08 11:19:40 | 000,104,208 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012/03/01 10:35:18 | 000,509,448 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2012/01/05 16:15:14 | 003,002,192 | ---- | M] (Conceiva Pty. Ltd.) [On_Demand | Stopped] -- C:\Program Files\Conceiva\Mezzmo\MezzmoMediaServer.exe -- (Mezzmo)
SRV - [2011/08/12 13:42:50 | 000,648,744 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files\Mobile Broadband drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2011/07/12 16:54:02 | 000,127,336 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV - [2011/07/12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2011/06/22 05:57:14 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/06/19 07:22:21 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)
SRV - [2011/06/10 12:47:26 | 001,033,528 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2011/03/09 10:18:06 | 001,060,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/03/09 10:16:56 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 10:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2010/11/17 15:38:50 | 000,628,080 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010/03/25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/24 04:08:22 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/09/24 04:08:08 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/09/24 04:02:26 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2009/09/24 04:02:16 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2009/09/24 04:01:04 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/04/15 16:00:42 | 000,208,896 | R--- | M] () [Auto | Running] -- C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe -- (LFKAS)
SRV - [2009/02/13 15:39:02 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/02/13 14:45:54 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2008/11/18 14:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/05/24 18:17:54 | 000,520,192 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2008/05/24 17:28:20 | 000,253,952 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe -- (TVT_UpdateMonitor)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/09/28 15:21:42 | 000,162,280 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\SBITS\DDNIOEMService.exe -- (DDNIOEMService)
SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp)
DRV - [2012/12/08 03:01:04 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\gfibto.sys -- (gfibto)
DRV - [2012/09/19 10:02:06 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/09/19 10:02:06 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012/09/06 10:49:06 | 000,020,328 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ApsHM86.sys -- (TPDIGIMN)
DRV - [2012/07/25 23:17:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2012/07/25 22:48:44 | 000,058,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2012/07/25 22:48:33 | 000,121,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2012/07/25 22:48:29 | 000,049,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2012/07/25 22:42:33 | 000,068,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2012/07/25 22:42:32 | 000,099,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2012/07/25 22:42:32 | 000,070,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2012/07/25 22:42:31 | 000,085,232 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2012/07/25 22:42:19 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2012/07/25 22:42:19 | 000,285,424 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2012/07/25 22:42:19 | 000,267,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2012/07/25 22:42:19 | 000,179,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2012/07/25 22:42:19 | 000,080,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2012/07/25 22:42:18 | 000,076,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2012/07/25 22:42:18 | 000,066,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2012/07/25 22:42:15 | 000,238,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2012/07/25 22:42:15 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2012/07/25 22:42:15 | 000,059,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2012/07/25 22:42:15 | 000,046,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2012/07/25 22:42:14 | 000,024,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2012/07/25 22:40:36 | 000,038,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2012/07/25 22:40:10 | 000,256,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2012/07/25 22:39:55 | 000,029,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2012/07/25 22:39:55 | 000,023,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/07/25 22:39:35 | 000,057,072 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2012/07/25 22:39:13 | 000,030,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2012/07/25 22:34:01 | 000,199,920 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2012/07/25 22:33:00 | 000,130,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2012/07/25 22:33:00 | 000,042,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2012/07/25 22:33:00 | 000,032,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2012/07/25 22:30:33 | 000,028,072 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2012/07/25 21:36:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2012/07/25 21:36:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2012/07/25 21:36:36 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2012/07/25 21:36:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2012/07/25 21:35:48 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2012/07/25 21:35:30 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2012/07/25 21:35:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2012/07/25 21:35:23 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2012/07/25 21:35:10 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2012/07/25 21:35:06 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2012/07/25 21:35:04 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2012/07/25 21:34:43 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2012/07/25 21:34:42 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2012/07/25 21:34:22 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2012/07/25 21:34:16 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2012/07/25 21:34:04 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2012/07/25 21:33:53 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2012/07/25 21:33:50 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2012/07/25 21:33:50 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\vwifimp.sys -- (vwifimp)
DRV - [2012/07/25 21:33:37 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\winusb.sys -- (WinUsb)
DRV - [2012/07/25 21:33:29 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/07/25 21:33:16 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2012/07/25 21:33:00 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2012/07/25 21:32:54 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/07/25 21:32:53 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2012/07/25 21:32:02 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2012/07/25 21:31:11 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2012/07/25 21:30:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2012/07/25 21:30:39 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2012/07/23 11:11:44 | 000,129,384 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ApsX86.sys -- (Shockprf)
DRV - [2012/06/27 21:06:16 | 010,900,840 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/05/16 05:32:00 | 000,017,736 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\Drivers\TPPWR32V.SYS -- (TPPWRIF)
DRV - [2012/01/23 16:43:06 | 007,523,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NETwNs32.sys -- (NETwNs32)
DRV - [2011/08/12 14:55:04 | 000,232,488 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\WwanUsbMp.sys -- (WwanUsbServ)
DRV - [2011/08/03 22:32:15 | 000,032,824 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\psadd.sys -- (psadd)
DRV - [2011/07/15 13:13:12 | 000,135,680 | ---- | M] (Oracle Corporation) [Kernel | Auto | Running] -- C:\Program Files\YouWave_Android\vb\VBoxDrv.sys -- (VBoxDrv)
DRV - [2011/06/27 10:54:30 | 000,022,640 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor\pcdsrvc.pkms -- (PCDSRVC{3037D694-FD904ACA-06020200}_0)
DRV - [2011/06/13 21:58:02 | 000,026,152 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\wwanussf.sys -- (ecnssndisfltr)
DRV - [2011/06/13 21:58:02 | 000,023,592 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\wwanuss.sys -- (ecnssndis)
DRV - [2011/06/02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2011/04/29 10:43:24 | 000,419,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Mbm3Mdm.sys -- (Mbm3Mdm)
DRV - [2011/04/29 10:43:14 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Mbm3mdfl.sys -- (Mbm3mdfl)
DRV - [2011/04/29 10:43:08 | 000,364,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Mbm3CBus.sys -- (Mbm3CBus)
DRV - [2010/09/07 14:09:06 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\Drivers\smiif32.sys -- (lenovo.smi)
DRV - [2010/01/28 16:46:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/01/28 16:46:42 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/12/30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\revoflt.sys -- (Revoflt)
DRV - [2009/09/15 18:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NETw5s32.sys -- (NETw5s32)
DRV - [2009/09/08 17:13:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2009/07/01 17:05:10 | 000,232,472 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\iaNvStor.sys -- (iaNvStor)
DRV - [2009/06/04 21:44:28 | 000,014,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\PuAcpi32.sys -- (MTsensor32)
DRV - [2008/07/31 02:12:58 | 000,173,584 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\USBSTK.sys -- (DCamUSBGene)
DRV - [2008/07/14 18:31:06 | 000,378,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\lnvocard.sys -- (lnvocard)
DRV - [2008/07/14 18:31:06 | 000,302,464 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\lnvobus.sys -- (lnvobus)
DRV - [2008/07/10 13:27:30 | 000,072,232 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\lnvogps.sys -- (lnvogps)
DRV - [2008/06/26 14:08:36 | 000,024,232 | ---- | M] (Sony Ericsson) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\lnvoscard.sys -- (Sony_EricssonWWSC)
DRV - [2008/06/19 13:03:00 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/18 18:40:24 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WimFltr.sys -- (WimFltr)
DRV - [2008/04/02 02:47:38 | 000,203,776 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/02/15 19:42:42 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/10/18 01:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/07 08:38:12 | 000,057,856 | R--- | M] (Utimaco Safeware AG) [Kernel | Auto | Running] -- C:\Program Files\Utimaco\SafeGuard PrivateDisk\privatediskm.sys -- (PrivateDisk)
DRV - [2007/07/30 13:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 12:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/24 13:09:04 | 000,013,880 | R--- | M] () [Kernel | Auto | Running] -- C:\Program Files\Lenovo\ATK Hotkey\ASMMAP.sys -- (ASMMAP)
DRV - [2007/06/18 18:29:56 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2007/06/18 18:29:10 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/06/18 18:29:08 | 000,093,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/06/18 18:29:06 | 000,098,136 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/06/18 18:29:04 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/06/18 18:28:58 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/06/18 18:28:54 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/06/18 18:28:52 | 000,105,048 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/02/08 22:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\Drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 22:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2004/03/23 21:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\nsndis5.sys -- (NSNDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {154d339e-ccaa-49a5-9b38-6878ad4220bc}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...rms}&FORM=LENIE
IE - HKLM\..\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}: "URL" = http://www.searchamo...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2548838
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchamo...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchamo...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0000016eac51682
IE - HKCU\..\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}: "URL" = http://www.searchamo...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2548838
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56929
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "SearchAmong"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: {5384767E-00D9-40E9-B72F-9CC39D655D6F}:1.4.2.1
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2
FF - prefs.js..keyword.URL: "http://www.searchamo...results.php?q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 56929
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ascendo-inc/DataVault;version=1: C:\Program Files\DataVault\npapi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@photodex.com/PhotodexPresenter: C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\CHINABOY\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\CHINABOY\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\CHINABOY\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\CHINABOY\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\CHINABOY\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DataVault\firefox [2012/03/10 10:12:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/10/27 00:25:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/01 09:43:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/01 07:11:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F74D5734-46F5-4B16-96F0-1E7FBF41B750}: C:\Program Files\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2013/01/01 07:55:04 | 000,000,000 | ---D | M]
[2011/05/30 22:31:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CHINABOY\AppData\Roaming\Mozilla\Extensions
[2012/12/08 03:00:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CHINABOY\AppData\Roaming\Mozilla\Firefox\Profiles\hzu7wqsx.default\extensions
[2012/10/27 10:37:36 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\CHINABOY\AppData\Roaming\Mozilla\Firefox\Profiles\hzu7wqsx.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2012/11/13 06:12:22 | 000,000,000 | ---D | M] (TVersitybar Community Toolbar) -- C:\Users\CHINABOY\AppData\Roaming\Mozilla\Firefox\Profiles\hzu7wqsx.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}
[2012/12/08 03:00:34 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\CHINABOY\AppData\Roaming\Mozilla\Firefox\Profiles\hzu7wqsx.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/07/21 09:27:31 | 000,000,778 | ---- | M] () -- C:\Users\CHINABOY\AppData\Roaming\Mozilla\Firefox\Profiles\hzu7wqsx.default\searchplugins\SearchAmong.xml
[2013/01/01 08:57:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/12/14 21:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/10/27 00:25:48 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES\ADOBE\ACROBAT 10.0\ACROBAT\BROWSER\WCFIREFOXEXTN
[2012/11/17 18:15:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/09/12 22:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2009/09/12 22:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2009/09/12 22:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2009/09/12 22:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2009/09/12 22:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2009/09/12 22:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2012/05/27 16:47:18 | 000,002,355 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/11/02 03:25:10 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/17 18:15:01 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\CHINABOY\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\CHINABOY\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\CHINABOY\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\CHINABOY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\CHINABOY\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\CHINABOY\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Ascendo DataVault (Enabled) = C:\Program Files\DataVault\npapi.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photodex Presenter Plugin (Enabled) = C:\Program Files\Photodex Presenter\npPxPlay.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\CHINABOY\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: ThinkVantage Password Manager = C:\Users\CHINABOY\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab\4.10.6_0\
CHR - Extension: DataVault Extension = C:\Users\CHINABOY\AppData\Local\Google\Chrome\User Data\Default\Extensions\idbmmgcdhhiblollphopejjpnkpdgbii\4.8.1_0\
CHR - Extension: Skype Click to Call = C:\Users\CHINABOY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\CHINABOY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: WhiteSmoke US New E1 = C:\Users\CHINABOY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocoombckbcnabpaghmokhaapnbngahck\10.13.20.29_0\
O1 HOSTS File: ([2012/11/19 20:10:05 | 000,438,329 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O1 - Hosts: For Windows 7
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na2m-pr.licenses.adobe.com
O1 - Hosts: 127.0.0.1 adobe.tt.omtrdc.net
O1 - Hosts: 127.0.0.1 products.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 15073 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (DataVault Bar) - {0D792CB2-2654-4E99-A597-7FC317F04D61} - C:\Program Files\DataVault\ie.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (DataVault Bar) - {0D792CB2-2654-4E99-A597-7FC317F04D61} - C:\Program Files\DataVault\ie.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [PasswordManager] C:\Program Files\Lenovo\Password Manager\password_manager.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe (Utimaco Safeware AG)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe (Authentec Inc.)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe (Lenovo Group Limited)
O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - Startup: C:\Users\CHINABOY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\CHINABOY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Save to DataVault - C:\Program Files\DataVault [2012/03/10 10:12:25 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm File not found
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: arise.com ([ns] https in Trusted sites)
O15 - HKCU\..Trusted Domains: west.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: westathome.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: westathome.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: workathomeagent.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: x10.com ([gate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: x10.com ([multiview] http in Trusted sites)
O15 - HKCU\..Trusted Domains: x10.com ([myhouse] http in Trusted sites)
O16 - DPF: {001000AF-2DEF-0200-10B6-DC5BA692C858} http://control.x10.com/vidnx.cab (Vidnc Class)
O16 - DPF: {001000AF-2DEF-0202-10B6-DC5BA692C858} http://www.x10.com/s.../X10NetTest.cab (X10NetTest Class)
O16 - DPF: {001000AF-2DEF-0206-10B6-DC5BA692C858} http://gate.x10.com/control/xvidnx.cab (Xvidnc Class)
O16 - DPF: {001000AF-2DEF-0209-10B6-DC5BA692C858} http://site.x10.com/cabs/antx.cab (Antx Class)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternati...x-w32-2.0.2.cab (AlternaTIFF ActiveX)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ns.arise.com...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97CD6EBD-E1AC-45BA-863E-8B4BD4E93825}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\SWTOOLS\Wallpaper\BlueMap1680X1050.jpg
O24 - Desktop BackupWallPaper: C:\SWTOOLS\Wallpaper\BlueMap1680X1050.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/06/18 16:12:18 | 000,000,088 | ---- | M] () - G:\autorun.inf -- [ UDF1.50 ]
O33 - MountPoints2\{a100c16c-8ca0-11e0-9d9a-028037ec0200}\Shell - "" = AutoRun
O33 - MountPoints2\{a100c16c-8ca0-11e0-9d9a-028037ec0200}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- [2009/10/14 16:28:45 | 003,271,968 | ---- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\WINDOWS\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: wlidsvc - C:\Windows\System32\wlidsvc.dll (Microsoft Corporation)
NetSvcs: SystemEventsBroker - C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
NetSvcs: DsmSvc - C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs: NcaSvc - C:\Windows\System32\NcaSvc.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013/01/01 11:19:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\CHINABOY\Desktop\OTL.exe
[2013/01/01 10:00:40 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Roaming\VS Revo Group
[2013/01/01 08:58:05 | 000,940,544 | ---- | C] (Apache Software Foundation) -- C:\Users\CHINABOY\AppData\Local\log4cxx.dll
[2013/01/01 08:34:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/01/01 08:19:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\BuzzSocialPointsChecker
[2013/01/01 08:17:24 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Local\SwvUpdater
[2013/01/01 08:16:47 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Local\CRE
[2013/01/01 07:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPBA
[2012/12/31 22:09:11 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Roaming\Serif
[2012/12/31 21:57:48 | 000,695,648 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/12/31 21:57:48 | 000,080,736 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/12/31 21:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/12/31 21:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications
[2012/12/31 21:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\Serif
[2012/12/31 16:19:18 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2012/12/31 16:19:14 | 008,854,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\twinui.dll
[2012/12/31 16:17:59 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pcadm.dll
[2012/12/31 16:17:59 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pcalua.exe
[2012/12/31 16:17:59 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pcaevts.dll
[2012/12/31 16:17:56 | 003,401,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012/12/31 16:17:54 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2012/12/31 16:17:54 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnathlp.dll
[2012/12/31 16:17:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2012/12/31 16:17:54 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2012/12/31 16:17:54 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2012/12/31 16:17:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2012/12/31 16:17:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2012/12/31 16:17:44 | 002,400,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msmpeg2vdec.dll
[2012/12/31 16:09:38 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\poqexec.exe
[2012/12/31 16:08:44 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ReAgentc.exe
[2012/12/31 16:07:42 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/31 16:07:41 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\WINDOWS\System32\atmlib.dll
[2012/12/31 16:07:33 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dciman32.dll
[2012/12/31 16:07:31 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2012/12/31 16:06:58 | 002,881,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll
[2012/12/31 16:06:54 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2012/12/31 16:06:53 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2012/12/31 16:06:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iesysprep.dll
[2012/12/31 16:06:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
[2012/12/31 16:06:53 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UXInit.dll
[2012/12/31 16:06:53 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2012/12/31 16:06:53 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2012/12/31 16:06:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll
[2012/12/31 16:06:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzres.dll
[2012/12/31 16:06:29 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reseteng.dll
[2012/12/31 16:06:29 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\resetengmig.dll
[2012/12/31 16:06:29 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ReAgent.dll
[2012/12/31 16:06:29 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysreset.exe
[2012/12/30 19:07:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SitemapX
[2012/12/30 19:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\SitemapX
[2012/12/30 08:29:22 | 000,000,000 | ---D | C] -- C:\OSFIXES
[2012/12/30 07:41:06 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\Desktop\PDF Samples
[2012/12/30 03:27:59 | 000,000,000 | ---D | C] -- C:\Windows.old
[2012/12/30 03:23:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eltima Software
[2012/12/30 03:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\Eltima Software
[2012/12/30 01:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\AuthenTec
[2012/12/30 01:38:49 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Local\Packages
[2012/12/30 01:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2012/12/30 01:16:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2012/12/30 00:40:43 | 000,000,000 | --SD | C] -- C:\Users\CHINABOY\AppData\Roaming\Microsoft
[2012/12/30 00:40:43 | 000,000,000 | R--D | C] -- C:\Users\CHINABOY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2012/12/30 00:40:43 | 000,000,000 | R--D | C] -- C:\Users\CHINABOY\Favorites
[2012/12/30 00:40:43 | 000,000,000 | R--D | C] -- C:\Users\CHINABOY\Desktop
[2012/12/30 00:40:43 | 000,000,000 | R--D | C] -- C:\Users\CHINABOY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/12/30 00:40:43 | 000,000,000 | R--D | C] -- C:\Users\CHINABOY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\AppData\Local\Temporary Internet Files
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\Templates
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\Start Menu
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\SendTo
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\Recent
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\PrintHood
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\NetHood
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\Documents\My Videos
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\Documents\My Pictures
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\Documents\My Music
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\Local Settings
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\AppData\Local\History
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\Cookies
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\Application Data
[2012/12/30 00:40:43 | 000,000,000 | -HSD | C] -- C:\Users\CHINABOY\AppData\Local\Application Data
[2012/12/30 00:40:43 | 000,000,000 | -H-D | C] -- C:\Users\CHINABOY\AppData
[2012/12/30 00:40:43 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Local\Temp
[2012/12/30 00:40:43 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Local\Microsoft
[2012/12/30 00:40:43 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/12/30 00:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Protector Suite
[2012/12/30 00:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012/12/30 00:37:15 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvuninst.exe
[2012/12/30 00:31:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/12/30 00:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012/12/30 00:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012/12/30 00:21:33 | 000,035,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TsWpfWrp.exe
[2012/12/30 00:21:32 | 000,102,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
[2012/12/30 00:21:29 | 000,778,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationNative_v0300.dll
[2012/12/30 00:14:06 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012/12/29 22:51:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2012/12/29 16:48:57 | 000,000,000 | RH-D | C] -- C:\ESD
[2012/12/26 07:04:45 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/12/24 09:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z3X
[2012/12/24 08:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Z3X
[2012/12/21 18:29:32 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\Documents\NAA
[2012/12/21 00:21:32 | 000,000,000 | ---D | C] -- C:\android-sdk
[2012/12/20 08:18:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012/12/20 06:42:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2012/12/20 06:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2012/12/20 06:18:44 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.exe
[2012/12/19 08:11:13 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\Desktop\Keemo phone
[2012/12/08 03:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2012/12/08 03:08:09 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Roaming\LavasoftStatistics
[2012/12/08 03:01:05 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2012/12/08 03:01:05 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2012/12/08 03:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2012/12/08 03:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/12/08 03:00:38 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2012/12/08 03:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2012/12/08 02:59:45 | 000,000,000 | ---D | C] -- C:\Users\CHINABOY\AppData\Roaming\Ad-Aware Antivirus
[2012/12/07 03:33:02 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\CHINABOY\Desktop\tdsskiller.exe
[1 C:\Users\CHINABOY\Documents\*.tmp files -> C:\Users\CHINABOY\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/01/01 11:33:05 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3624466487-223628867-935231893-1003UA.job
[2013/01/01 11:22:00 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/01 11:19:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CHINABOY\Desktop\OTL.exe
[2013/01/01 11:02:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/01/01 10:22:49 | 000,769,030 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/01 10:22:49 | 000,151,114 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/01 10:17:45 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/01 10:17:36 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/01 10:15:55 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2013/01/01 10:15:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/01/01 10:15:27 | 2415,353,856 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/01 09:43:45 | 000,000,000 | ---- | M] () -- C:\END
[2013/01/01 09:08:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3624466487-223628867-935231893-1003UA.job
[2013/01/01 08:15:29 | 000,001,240 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/01/01 08:14:20 | 000,000,218 | ---- | M] () -- C:\Users\CHINABOY\.recently-used.xbel
[2013/01/01 08:04:04 | 004,071,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/01 07:55:32 | 000,000,146 | ---- | M] () -- C:\WINDOWS\launchpw.cmd
[2013/01/01 07:55:05 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Delpw32.cmd
[2012/12/31 21:52:39 | 000,169,378 | ---- | M] () -- C:\Users\Public\Documents\Explorer.dmp
[2012/12/31 21:52:39 | 000,000,000 | ---- | M] () -- C:\Users\Public\Documents\AccConnAdvanced.dat
[2012/12/31 18:55:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2012/12/31 18:08:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3624466487-223628867-935231893-1003Core.job
[2012/12/31 16:45:27 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3624466487-223628867-935231893-1003Core.job
[2012/12/30 03:23:39 | 000,001,440 | ---- | M] () -- C:\Users\CHINABOY\Desktop\Flash Decompiler Trillix.lnk
[2012/12/30 01:38:41 | 000,000,660 | RHS- | M] () -- C:\Users\CHINABOY\ntuser.pol
[2012/12/30 01:15:29 | 000,034,293 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2012/12/30 01:15:29 | 000,034,293 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2012/12/30 01:15:04 | 000,021,412 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/12/30 00:38:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WwanUsbMp_01009.Wdf
[2012/12/30 00:38:36 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_tcwbf_01_09_00.Wdf
[2012/12/30 00:38:36 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2012/12/30 00:38:09 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/12/29 23:16:03 | 000,010,928 | ---- | M] () -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/29 23:16:03 | 000,010,928 | ---- | M] () -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/29 22:58:01 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/12/28 14:16:30 | 005,581,543 | ---- | M] () -- C:\Users\CHINABOY\Documents\Sparkle_Contract.pdf
[2012/12/28 11:45:55 | 000,001,456 | -H-- | M] () -- C:\Users\CHINABOY\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/12/24 09:05:23 | 000,001,223 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Tool.lnk
[2012/12/23 17:10:35 | 000,001,071 | ---- | M] () -- C:\Users\CHINABOY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/12/23 17:04:42 | 000,001,188 | ---- | M] () -- C:\WINDOWS\System32\ServiceConfig.xml
[2012/12/16 03:20:01 | 000,035,328 | ---- | M] (Adobe Systems) -- C:\WINDOWS\System32\atmlib.dll
[2012/12/16 02:57:09 | 000,300,032 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/08 03:01:04 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2012/12/08 03:01:04 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2012/12/07 03:33:24 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\CHINABOY\Desktop\tdsskiller.exe
[2012/12/07 03:24:31 | 000,000,528 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2012/12/05 09:01:22 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012/12/05 09:01:22 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[1 C:\Users\CHINABOY\Documents\*.tmp files -> C:\Users\CHINABOY\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/01/01 08:58:05 | 000,196,608 | ---- | C] () -- C:\Users\CHINABOY\AppData\Local\common_functions.dll
[2013/01/01 08:16:04 | 000,000,000 | ---- | C] () -- C:\END
[2013/01/01 08:15:29 | 000,001,240 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/01/01 08:14:20 | 000,000,218 | ---- | C] () -- C:\Users\CHINABOY\.recently-used.xbel
[2013/01/01 08:03:36 | 004,071,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/01 07:55:32 | 000,000,146 | ---- | C] () -- C:\WINDOWS\launchpw.cmd
[2013/01/01 07:55:05 | 000,000,412 | ---- | C] () -- C:\WINDOWS\Delpw32.cmd
[2012/12/31 21:52:39 | 000,000,000 | ---- | C] () -- C:\Users\Public\Documents\AccConnAdvanced.dat
[2012/12/31 21:52:38 | 000,169,378 | ---- | C] () -- C:\Users\Public\Documents\Explorer.dmp
[2012/12/31 21:46:26 | 000,002,473 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PagePlus X5.lnk
[2012/12/31 18:55:22 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2012/12/30 03:23:39 | 000,001,440 | ---- | C] () -- C:\Users\CHINABOY\Desktop\Flash Decompiler Trillix.lnk
[2012/12/30 01:40:18 | 000,001,440 | ---- | C] () -- C:\Users\CHINABOY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/12/30 01:38:41 | 000,000,660 | RHS- | C] () -- C:\Users\CHINABOY\ntuser.pol
[2012/12/30 00:43:59 | 000,034,293 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2012/12/30 00:43:59 | 000,034,293 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2012/12/30 00:40:43 | 000,000,352 | ---- | C] () -- C:\Users\CHINABOY\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/12/30 00:40:43 | 000,000,334 | ---- | C] () -- C:\Users\CHINABOY\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/12/30 00:38:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WwanUsbMp_01009.Wdf
[2012/12/30 00:38:36 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_tcwbf_01_09_00.Wdf
[2012/12/30 00:38:36 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2012/12/30 00:38:09 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/12/30 00:29:54 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2012/12/28 14:16:30 | 005,581,543 | ---- | C] () -- C:\Users\CHINABOY\Documents\Sparkle_Contract.pdf
[2012/12/24 09:05:23 | 000,001,223 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Tool.lnk
[2012/12/23 17:04:42 | 000,001,188 | ---- | C] () -- C:\WINDOWS\System32\ServiceConfig.xml
[2012/11/23 07:54:40 | 000,114,688 | ---- | C] () -- C:\Users\CHINABOY\AppData\Local\ie_runner_app.exe
[2012/11/22 18:58:48 | 000,001,041 | ---- | C] () -- C:\Users\CHINABOY\AppData\Roaming\vso_ts_preview.xml
[2012/11/12 12:28:29 | 000,001,456 | -H-- | C] () -- C:\Users\CHINABOY\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/10/27 10:00:29 | 000,000,132 | ---- | C] () -- C:\Users\CHINABOY\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/10/21 06:25:55 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/07/26 01:55:27 | 000,769,030 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2012/07/26 01:55:27 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2012/07/26 01:55:27 | 000,151,114 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/26 01:55:27 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2012/07/26 01:53:47 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2012/07/26 01:53:46 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2012/07/26 01:03:55 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/25 20:20:38 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2012/07/25 20:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2012/07/25 19:48:53 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\OEMLicense.dll
[2012/07/25 15:41:36 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/07/25 15:24:47 | 000,526,068 | ---- | C] () -- C:\WINDOWS\System32\staticurllist.bin
[2012/07/20 05:37:29 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2012/07/20 05:37:21 | 000,000,578 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2012/07/20 05:37:21 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2012/07/20 05:35:30 | 000,000,228 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2012/07/20 05:35:30 | 000,000,094 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2012/07/20 05:35:30 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2012/07/20 05:29:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2012/07/20 05:29:25 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2012/07/13 21:00:46 | 000,043,882 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
[2012/06/11 20:51:28 | 000,000,132 | ---- | C] () -- C:\Users\CHINABOY\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/06/02 15:25:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2012/06/02 09:31:24 | 001,520,828 | ---- | C] () -- C:\WINDOWS\System32\WpcNBModel.bin
[2012/06/02 09:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2012/03/08 18:55:08 | 000,563,664 | -H-- | C] () -- C:\Users\CHINABOY\AppData\Local\wanancsp.dat
[2012/02/12 13:40:33 | 000,002,949 | ---- | C] () -- C:\Users\CHINABOY\.TransferManager.db
[2012/02/09 19:59:19 | 000,220,496 | ---- | C] () -- C:\WINDOWS\hpoins19.dat
[2012/02/09 19:59:19 | 000,013,898 | ---- | C] () -- C:\WINDOWS\hpomdl19.dat
[2012/02/09 11:47:24 | 000,034,336 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2012/02/04 00:28:13 | 000,000,000 | ---- | C] () -- C:\Users\CHINABOY\.gtk-bookmarks
[2012/01/26 09:40:35 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2012/01/25 19:22:23 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2012/01/25 19:21:22 | 000,000,142 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2012/01/25 19:21:21 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2011/12/29 07:13:48 | 000,007,611 | -H-- | C] () -- C:\Users\CHINABOY\AppData\Local\Resmon.ResmonCfg
[2011/12/14 22:19:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/14 22:19:09 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/14 22:19:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/14 22:19:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/14 22:19:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/29 16:38:18 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/11/29 16:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/11/29 16:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/11/29 16:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/11/29 16:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/11/17 19:43:12 | 000,000,043 | ---- | C] () -- C:\WINDOWS\MezzmoMediaServer.INI
[2011/10/15 19:31:48 | 000,000,000 | -H-- | C] () -- C:\Users\CHINABOY\AppData\Local\{CB6F9CD2-4308-4154-B6C5-F3772D7D24AD}
[2011/07/22 14:19:20 | 000,036,575 | ---- | C] () -- C:\Users\CHINABOY\AppData\Roaming\Comma Separated Values (Windows).ADR
[2011/06/18 07:10:42 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\f9t.dat
[2011/06/16 21:09:00 | 000,007,887 | ---- | C] () -- C:\Users\CHINABOY\AppData\Roaming\pcouffin.cat
[2011/06/16 21:09:00 | 000,001,144 | ---- | C] () -- C:\Users\CHINABOY\AppData\Roaming\pcouffin.inf
[2011/06/12 16:07:01 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2011/06/05 17:27:11 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/05 17:27:11 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/06/02 22:59:33 | 000,000,096 | -H-- | C] () -- C:\Users\CHINABOY\AppData\Local\fusioncache.dat
[2011/06/01 22:43:15 | 000,000,227 | ---- | C] () -- C:\ProgramData\tvt_userinfo.ini
[2011/06/01 18:12:41 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/06/01 17:58:20 | 000,000,120 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2011/05/30 18:36:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/05/30 17:46:46 | 000,013,312 | -H-- | C] () -- C:\Users\CHINABOY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/30 15:26:00 | 000,014,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\PuAcpi32.sys
[2011/05/30 15:07:15 | 000,035,265 | R--- | C] () -- C:\WINDOWS\ConnectionProfiles.dat
[2011/05/30 12:38:26 | 000,021,412 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/07/25 22:19:59 | 017,559,552 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 22:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012/07/25 22:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ==========
========== Base Services ==========
SRV - [2012/07/25 22:17:50 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2012/07/25 22:17:52 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2012/07/25 22:20:42 | 000,071,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2012/07/25 22:19:47 | 000,630,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2012/07/25 22:18:01 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2012/07/25 22:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012/07/25 22:18:26 | 000,394,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/25 22:18:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2012/07/25 22:18:10 | 000,051,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2012/07/25 22:19:51 | 000,656,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2012/07/25 22:18:18 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2012/07/25 22:18:20 | 000,160,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2012/07/25 22:18:24 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2012/07/25 22:18:34 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2012/07/25 22:18:44 | 000,392,192 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2012/07/25 22:18:44 | 000,370,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2012/07/25 22:20:04 | 000,404,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2012/07/25 22:19:04 | 000,060,928 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2012/07/25 22:19:22 | 000,199,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2012/07/25 22:19:22 | 000,364,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2012/07/25 22:19:24 | 000,286,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2012/07/25 23:17:16 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2012/07/25 22:20:10 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/07/25 22:20:58 | 000,496,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV - [2012/07/25 22:19:48 | 000,087,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2012/07/25 22:19:48 | 000,302,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2012/07/25 22:19:51 | 000,656,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2012/07/25 22:19:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2012/07/25 23:17:16 | 000,023,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2012/07/25 22:20:38 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2012/07/25 22:20:03 | 000,242,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2012/07/25 22:19:59 | 000,506,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2012/07/25 22:19:52 | 000,942,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2012/07/25 22:20:06 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2012/07/25 22:20:06 | 000,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2012/07/25 22:19:45 | 000,170,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2012/07/25 22:21:00 | 001,150,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2012/07/25 22:17:58 | 000,596,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2012/07/25 22:17:58 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2012/07/25 22:19:53 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2012/07/25 22:30:33 | 000,013,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2012/07/25 22:20:18 | 001,372,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (EventLog)
SRV - [2012/07/25 22:19:05 | 000,699,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2012/07/25 22:20:19 | 000,472,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2012/07/25 22:20:50 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (msiserver)
SRV - [2012/07/25 22:20:32 | 000,166,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (winmgmt)
SRV - [2012/07/25 22:20:40 | 002,704,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2012/07/25 22:18:21 | 000,211,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2012/07/25 22:20:30 | 001,203,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (WlanSvc)
SRV - [2012/07/25 22:20:28 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2012/07/25 22:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\explorer.exe
[2012/07/25 22:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_4e5fb2f34b233380\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old\Windows\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: SERVICES >
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\$INPLACE.~TR\Machine\DATA\Windows\System32\drivers\etc\services
[2012/07/25 23:17:20 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\$WINDOWS.~BT\Windows\System32\Drivers\etc\services
[2012/07/25 23:17:16 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.2.9200.16384_none_31eaa9573678b6f3\services
[2009/06/10 16:39:37 | 000,017,463 | R--- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows.old\Windows\System32\drivers\etc\services
[2009/06/10 16:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
[2012/07/25 23:17:20 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\Drivers\etc\services
[2012/07/25 23:17:16 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\WinSxS\x86_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.2.9200.16384_none_31eaa9573678b6f3\services
< MD5 for: SERVICES.AIP >
[2012/03/29 19:35:50 | 000,375,952 | ---- | M] (Adobe Systems Incorporated) MD5=5965DFD83E10938A579952EB58C10298 -- C:\Program Files\Adobe\Adobe Illustrator CS6\Plug-ins\Extensions\Services.aip
< MD5 for: SERVICES.ASFX >
[2012/09/23 20:44:02 | 000,002,648 | ---- | M] () MD5=0865ABFC40AE2C730EF33F0E29C2C780 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\ro_RO\Services\Services.asfx
[2012/09/23 20:43:52 | 000,002,588 | ---- | M] () MD5=0D18AE3100D7B9D49DCB1CE1EABA21F7 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\pt_BR\Services\Services.asfx
[2012/09/23 20:43:44 | 000,002,677 | ---- | M] () MD5=22FEEF662B7E813F8547E1446EBC706B -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\de_DE\Services\Services.asfx
[2012/09/23 20:43:54 | 000,002,619 | ---- | M] () MD5=2468CEF75419234DCA72F892392DFB6C -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2012/09/23 20:43:50 | 000,002,525 | ---- | M] () MD5=34EB1E120DAE2C8346BA3747D562355B -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\da_DK\Services\Services.asfx
[2012/09/23 20:43:44 | 000,002,851 | ---- | M] () MD5=364469E5C8724EB95F2E142438C8CECF -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\ja_JP\Services\Services.asfx
[2012/09/23 20:43:48 | 000,002,556 | ---- | M] () MD5=3BE849A0D8DEEF6E14BEC19D565A965D -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\sv_SE\Services\Services.asfx
[2012/09/23 20:43:50 | 000,002,577 | ---- | M] () MD5=4160D76537EB300F681419BEA7589192 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\fi_FI\Services\Services.asfx
[2012/09/23 20:43:58 | 000,002,601 | ---- | M] () MD5=4E7A75C5564D7E08200E3B7F656BF227 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\tr_TR\Services\Services.asfx
[2012/09/23 20:43:56 | 000,002,760 | ---- | M] () MD5=69BCCC8BA799AD320C723B14DAE327EB -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\hu_HU\Services\Services.asfx
[2012/09/23 20:44:02 | 000,003,264 | ---- | M] () MD5=6A3669AC3D692776A76DB4C513B73718 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\uk_UA\Services\Services.asfx
[2012/09/23 20:44:06 | 000,002,497 | ---- | M] () MD5=6ECF361623A3B738642C61790DF3BF73 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\eu_ES\Services\Services.asfx
[2012/09/23 20:43:46 | 000,002,533 | ---- | M] () MD5=72E505C96C0A40BE1DFD0F5FB982F527 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\it_IT\Services\Services.asfx
[2012/09/23 20:43:58 | 000,003,374 | ---- | M] () MD5=7DE29C93BAEEB470EE77CF5C1B1C03A1 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\ru_RU\Services\Services.asfx
[2012/07/27 15:51:52 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\Services\Services.asfx
[2012/09/23 20:43:52 | 000,002,653 | ---- | M] () MD5=881E2DDB014FD5D09B84AA45F2E86077 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\ko_KR\Services\Services.asfx
[2012/09/23 20:43:48 | 000,002,628 | ---- | M] () MD5=8A84C89E1D2A0916D4464D5AD46FB8AC -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\nl_NL\Services\Services.asfx
[2012/09/23 20:44:02 | 000,002,539 | ---- | M] () MD5=8DEA878E25C893461D45C8974160B559 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\sl_SI\Services\Services.asfx
[2012/09/23 20:43:42 | 000,002,616 | ---- | M] () MD5=939A97CCEC5E78C7D41262B21158D749 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\fr_FR\Services\Services.asfx
[2012/09/23 20:44:00 | 000,002,516 | ---- | M] () MD5=9B850C525959D9F53CD576DEF11F6ED4 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\hr_HR\Services\Services.asfx
[2012/09/23 20:44:04 | 000,002,640 | ---- | M] () MD5=A86B5BD2B198C0870542D6478C3CC6BC -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\sk_SK\Services\Services.asfx
[2012/09/23 20:43:50 | 000,002,493 | ---- | M] () MD5=A8C9725DBFAA9DB585F9691060B1FFA3 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\nb_NO\Services\Services.asfx
[2012/07/27 15:51:54 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\Services\Services.asfx
[2012/09/23 20:43:54 | 000,002,488 | ---- | M] () MD5=B1468F053A250799FCE421BEC8AA9A57 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\zh_TW\Services\Services.asfx
[2012/09/23 20:43:54 | 000,002,457 | ---- | M] () MD5=BE0958E015FED942FAD670540F2BCEC1 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\zh_CN\Services\Services.asfx
[2012/09/23 20:44:04 | 000,002,543 | ---- | M] () MD5=C2EDC3B5BB19B6F41226433A889EFE48 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\ca_ES\Services\Services.asfx
[2012/09/23 20:43:56 | 000,002,543 | ---- | M] () MD5=C66A95C06294259E63522BBB0E8B3ED8 -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\pl_PL\Services\Services.asfx
[2012/09/23 20:43:46 | 000,002,546 | ---- | M] () MD5=DE20C36CDD3208B4E8544397E551C40B -- C:\Program Files\Adobe\Reader 11.0\Reader\Locale\es_ES\Services\Services.asfx
< MD5 for: SERVICES.CFG >
[2012/07/27 15:51:52 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Services\Services.cfg
[2012/09/23 20:43:36 | 000,603,848 | ---- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Program Files\Adobe\Reader 11.0\Reader\Services\Services.cfg
< MD5 for: SERVICES.CFSERVICE.JAR >
[2012/03/16 02:33:04 | 000,142,226 | ---- | M] () MD5=18D9FCB12CE658BA4D24D8DC2D641BA6 -- C:\Program Files\Adobe\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexbuilder.services.CFService_4.6.1.335153\services.CFService.jar
< MD5 for: SERVICES.CSS >
[2005/06/29 13:48:58 | 000,014,339 | ---- | M] () MD5=9D415BDEF74ADF7B0CD791E40A911A38 -- C:\Program Files\Intuit\QuickBooks 2009\Components\Services\services.css
[2011/10/18 22:04:44 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\ProgramData\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css
[2011/10/18 22:04:44 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\Users\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css
[2011/10/18 22:04:44 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\Windows.old\Documents and Settings\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css
[2011/10/18 22:04:44 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\Windows.old\ProgramData\Application Data\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css
[2011/10/18 22:04:44 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\Windows.old\Users\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css
< MD5 for: SERVICES.DLL >
[2007/06/15 04:42:34 | 000,020,480 | ---- | M] ( ) MD5=17AD4A8A51AECE2EC20D8CF7994BC9F4 -- C:\Program Files\Common Files\Lenovo\InvAgent\local\collect\services.dll
[2012/11/13 18:38:36 | 000,008,704 | ---- | M] () MD5=E41D70348B1B51C0C76B617EA572B105 -- C:\Program Files\Lenovo\System Update\egather\local\collect\services.dll
< MD5 for: SERVICES.DLL.CONFIG >
[2012/11/01 18:05:50 | 000,000,305 | ---- | M] () MD5=126EB374FFE77DAA27113E5AD6307C0B -- C:\Program Files\Lenovo\System Update\egather\local\collect\services.dll.config
< MD5 for: SERVICES.EXE >
[2012/07/25 23:17:18 | 000,333,312 | ---- | M] (Microsoft Corporation) MD5=575FB4211BB07DB7D2179B1B05FE7EFD -- C:\$WINDOWS.~BT\Windows\System32\services.exe
[2012/07/25 23:17:18 | 000,333,312 | ---- | M] (Microsoft Corporation) MD5=575FB4211BB07DB7D2179B1B05FE7EFD -- C:\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_3bc3d14fce0a0436\services.exe
[2012/07/25 23:17:18 | 000,333,312 | ---- | M] (Microsoft Corporation) MD5=575FB4211BB07DB7D2179B1B05FE7EFD -- C:\Windows\System32\services.exe
[2012/07/25 23:17:18 | 000,333,312 | ---- | M] (Microsoft Corporation) MD5=575FB4211BB07DB7D2179B1B05FE7EFD -- C:\Windows\WinSxS\x86_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_3bc3d14fce0a0436\services.exe
[2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows.old\Windows\System32\services.exe
[2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 21:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows.old\Windows\System32\en-US\services.exe.mui
[2009/07/13 21:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
[2012/07/26 00:12:24 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\$WINDOWS.~BT\Windows\System32\en-US\services.exe.mui
[2012/07/26 00:12:24 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.2.9200.16384_en-us_66a852f7f75bf282\services.exe.mui
[2012/07/26 01:46:01 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\Windows\System32\en-US\services.exe.mui
[2012/07/26 01:46:01 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\Windows\WinSxS\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.2.9200.16384_en-us_66a852f7f75bf282\services.exe.mui
< MD5 for: SERVICES.HTML >
[2010/11/24 23:00:00 | 000,004,861 | ---- | M] () MD5=DC8FE975A43E35EB80E5862AFD6639E4 -- C:\xampp\htdocs\KLM\services.html
< MD5 for: SERVICES.INI >
[2011/10/18 22:04:44 | 000,000,012 | ---- | M] () MD5=810C4D394B59FF7116A0CD6052286C41 -- C:\ProgramData\Intuit\Quicken\Inet\Common\Localweb\Services\Services.ini
[2011/10/18 22:04:44 | 000,000,012 | ---- | M] () MD5=810C4D394B59FF7116A0CD6052286C41 -- C:\Users\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.ini
[2011/10/18 22:04:44 | 000,000,012 | ---- | M] () MD5=810C4D394B59FF7116A0CD6052286C41 -- C:\Windows.old\Documents and Settings\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.ini
[2011/10/18 22:04:44 | 000,000,012 | ---- | M] () MD5=810C4D394B59FF7116A0CD6052286C41 -- C:\Windows.old\ProgramData\Application Data\Intuit\Quicken\Inet\Common\Localweb\Services\Services.ini
[2011/10/18 22:04:44 | 000,000,012 | ---- | M] () MD5=810C4D394B59FF7116A0CD6052286C41 -- C:\Windows.old\Users\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.ini
< MD5 for: SERVICES.JS >
[2012/07/26 01:52:29 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_1.2.0.135_x86__8wekyb3d8bbwe\platform\js\services.js
[2012/07/26 01:52:15 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingNews_1.2.0.135_x86__8wekyb3d8bbwe\platform\js\services.js
[2012/07/26 01:52:09 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingSports_1.2.0.135_x86__8wekyb3d8bbwe\platform\js\services.js
[2012/07/26 01:53:00 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_1.2.0.145_x86__8wekyb3d8bbwe\platform\js\services.js
[2012/07/26 01:52:18 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_1.2.0.135_x86__8wekyb3d8bbwe\platform\js\services.js
< MD5 for: SERVICES.LNK >
[2009/07/13 23:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012/07/25 15:22:12 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012/07/25 15:22:12 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012/07/25 15:22:12 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows.old\Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012/07/25 15:22:12 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows.old\ProgramData\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012/07/25 15:22:12 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012/07/25 15:22:12 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_cc0eee851721a9a4\services.lnk
< MD5 for: SERVICES.LOG >
[2012/02/09 20:37:46 | 000,079,213 | ---- | M] () MD5=5EC588D8ABB99832A48450EA2F7B30C8 -- C:\ProgramData\HP\Installer\Temp\services.log
[2012/02/09 20:37:46 | 000,079,213 | ---- | M] () MD5=5EC588D8ABB99832A48450EA2F7B30C8 -- C:\Users\All Users\HP\Installer\Temp\services.log
[2012/02/09 20:37:46 | 000,079,213 | ---- | M] () MD5=5EC588D8ABB99832A48450EA2F7B30C8 -- C:\Windows.old\Documents and Settings\All Users\HP\Installer\Temp\services.log
[2012/02/09 20:37:46 | 000,079,213 | ---- | M] () MD5=5EC588D8ABB99832A48450EA2F7B30C8 -- C:\Windows.old\ProgramData\Application Data\HP\Installer\Temp\services.log
[2012/02/09 20:37:46 | 000,079,213 | ---- | M] () MD5=5EC588D8ABB99832A48450EA2F7B30C8 -- C:\Windows.old\Users\All Users\HP\Installer\Temp\services.log
< MD5 for: SERVICES.MOF >
[2012/07/26 00:10:16 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\$WINDOWS.~BT\Windows\System32\wbem\services.mof
[2012/07/26 00:10:16 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_cc0acc489eafc5cb\services.mof
[2009/06/10 16:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows.old\Windows\System32\wbem\services.mof
[2009/06/10 16:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
[2012/06/02 09:33:56 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2012/06/02 09:33:56 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_cc0acc489eafc5cb\services.mof
< MD5 for: SERVICES.MSC >
[2012/07/26 01:46:30 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\System32\en-US\services.msc
[2012/06/02 09:31:13 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\System32\services.msc
[2012/07/26 01:46:30 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_en-us_a0ea22e3cdc58c75\services.msc
[2012/06/02 09:31:13 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_cc0eee851721a9a4\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows.old\Windows\System32\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows.old\Windows\System32\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PHPSERVICE.JAR >
[2012/03/16 02:33:06 | 000,149,053 | ---- | M] () MD5=EDDA59974541208844A9FE430268D469 -- C:\Program Files\Adobe\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexbuilder.services.PHPService_4.6.1.335153\services.PHPService.jar
< MD5 for: SERVICES.PTXML >
[2012/07/26 00:10:16 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\$WINDOWS.~BT\Windows\System32\wdi\perftrack\Services.ptxml
[2012/07/26 00:10:16 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_cc0acc489eafc5cb\Services.ptxml
[2009/07/13 15:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows.old\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 15:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
[2012/07/25 15:34:53 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2012/07/25 15:34:53 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_cc0acc489eafc5cb\Services.ptxml
< MD5 for: SERVICES.STATICCONTENTSERVICE.JAR >
[2012/03/16 02:33:06 | 000,072,917 | ---- | M] () MD5=15E17BFD2088059A73A22119D0D1613A -- C:\Program Files\Adobe\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexbuilder.services.StaticContentService_4.6.1.335153\services.StaticContentService.jar
< MD5 for: SERVICES.WEBSERVICE.DERIVED.JAR >
[2012/03/16 02:33:06 | 000,183,653 | ---- | M] () MD5=1BEE56EAF2A85F3662291392C8804E1E -- C:\Program Files\Adobe\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexbuilder.services.WEBService.derived_4.6.1.335153\services.WEBService.derived.jar
< MD5 for: SVCHOST.EXE >
[2012/07/26 00:10:14 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\$WINDOWS.~BT\Windows\System32\svchost.exe
[2012/07/26 00:10:14 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\System32\svchost.exe
[2012/07/25 22:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\System32\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old\Windows\System32\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2012/07/26 00:10:14 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\$WINDOWS.~BT\Windows\System32\userinit.exe
[2012/07/26 00:10:14 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe
[2012/07/25 22:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\System32\userinit.exe
[2012/07/25 22:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 00:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows.old\Windows\System32\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/07/13 20:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2012/07/26 00:10:16 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=C06BA1F360CEF6AB51F41B3D0D5FE92D -- C:\$WINDOWS.~BT\Windows\System32\winlogon.exe
[2012/07/26 00:10:16 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=C06BA1F360CEF6AB51F41B3D0D5FE92D -- C:\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_6c6e0cf7a65840b6\winlogon.exe
[2012/07/25 22:21:01 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=C06BA1F360CEF6AB51F41B3D0D5FE92D -- C:\Windows\System32\winlogon.exe
[2012/07/25 22:21:01 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=C06BA1F360CEF6AB51F41B3D0D5FE92D -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_6c6e0cf7a65840b6\winlogon.exe
< MD5 for: WINSOCK.DLL >
[2009/07/13 16:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows.old\Windows\System32\WINSOCK.DLL
[2009/07/13 16:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7600.16385_none_fde3cf3dd3e16d0d\WINSOCK.DLL
[2009/07/13 16:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7\WINSOCK.DLL
[2012/07/25 17:52:36 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL
[2012/07/25 17:52:36 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\WinSxS\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.2.9200.16384_none_fab884fb43f49c5d\WINSOCK.DLL
< End of report >
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-01 11:59:16
-----------------------------
11:59:16.843 OS Version: Windows 6.2.9200
11:59:16.843 Number of processors: 2 586 0x1706
11:59:16.843 ComputerName: CHINABOY-LENOVO UserName: CHINABOY
12:00:32.078 Initialize success
12:01:15.354 Disk 0 \Device\Harddisk0\DR0 -> \Device\RobsonImd-0
12:01:15.354 Disk 0 Vendor: Size: 1405MB BusType: 0
12:01:15.359 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
12:01:15.359 Disk 1 Vendor: Size: 1405MB BusType: 0
12:01:15.374 Disk 1 MBR read successfully
12:01:15.379 Disk 1 MBR scan
12:01:15.384 Disk 1 Windows 7 default MBR code
12:01:15.384 Disk 1 MBR hidden
12:01:15.389 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1499 MB offset 2048
12:01:15.389 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 293744 MB offset 3072000
12:01:15.394 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 10000 MB offset 604659712
12:01:15.399 Disk 1 scanning C:\WINDOWS\system32\drivers
12:01:21.961 Service scanning
12:01:26.332 Service MpKslc16c67cd C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKslc16c67cd.sys **LOCKED** 32
12:01:33.182 Modules scanning
12:01:36.982 Disk 1 trace - called modules:
12:01:37.009 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys iaNvStor.sys
12:01:37.014 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8655f800]
12:01:37.019 3 CLASSPNP.SYS[8bdb70c3] -> nt!IofCallDriver -> [0x85ffa3d8]
12:01:37.024 5 ACPI.sys[8b8db49a] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8557e028]
12:01:37.029 Scan finished successfully
12:03:18.117 Disk 1 MBR has been saved successfully to "C:\Users\CHINABOY\Desktop\MBR.dat"
12:03:18.192 The log file has been saved successfully to "C:\Users\CHINABOY\Desktop\aswMBR.txt"