Jump to content

Kimberly13

Honorary Members
  • Posts

    41
  • Joined

  • Last visited

Everything posted by Kimberly13

  1. I'm trying to update my Java so I removed the older versions on my computer and now it will not let me download the latest versions. I did this because I have been unable to download anything else to my computer without getting the same error message. When I realized my Java was not up to date, I assumed it could have something to do with the error message I was seeing. Now the same problem is not allowing to me reinstall Java on my computer without getting that error message..
  2. I'm all caught up now. Sorry about the confusion. I have downloaded Avira again and its all set back up! I will attach the reports your requested: MBAM: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4649 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 9/18/2010 8:55:14 PM mbam-log-2010-09-18 (20-55-14).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 254460 Time elapsed: 32 minute(s), 21 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Log.txt: Logfile of random's system information tool 1.08 (written by random/random) Run by Kimberly at 2010-09-18 20:57:07 Microsoft Windows 7 Home Premium System drive C: has 70 GB (68%) free of 102 GB Total RAM: 3957 MB (58% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:57:19 PM, on 9/18/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Users\Kimberly\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\Kimberly.exe C:\windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://jaguar1.usouthal.edu/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [updatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: Best Buy Software Installer.lnk = C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (User 'Default user') O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: TurboBoost - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13063 bytes ======Scheduled tasks folder====== C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-09 278192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-09 814648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-29 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-09 278192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-06-03 103720] "UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "UpdatePDRShortCut"=C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-01-03 222504] "RemoteControl8"=C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [2009-04-15 91432] "PDVD8LanguageShortcut"=C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [2009-04-15 50472] "UpdatePPShortCut"=C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "UpdatePSTShortCut"=C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-07-20 210216] "UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-08-10 421888] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-09-01 421160] "Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-09-18 282792] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-13 1475072] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-05-17 39408] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Kimberly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2010-09-18 20:57:09 ----D---- C:\Program Files (x86)\trend micro 2010-09-18 20:57:07 ----D---- C:\rsit 2010-09-18 19:19:59 ----D---- C:\Users\Kimberly\AppData\Roaming\Avira 2010-09-18 19:17:15 ----A---- C:\windows\SysWOW64\drivers\avgntmgr.sys 2010-09-18 19:17:15 ----A---- C:\windows\SysWOW64\drivers\avgntdd.sys 2010-09-18 19:17:14 ----D---- C:\ProgramData\Avira 2010-09-15 21:52:06 ----A---- C:\windows\SysWOW64\iertutil.dll 2010-09-07 08:20:26 ----D---- C:\Program Files (x86)\iTunes 2010-09-07 08:19:12 ----D---- C:\Program Files (x86)\QuickTime 2010-09-03 22:58:45 ----D---- C:\Program Files (x86)\Common Files\Adobe 2010-09-03 22:58:45 ----D---- C:\Program Files (x86)\Adobe 2010-09-01 23:00:38 ----D---- C:\Sysclean 2010-08-31 21:06:59 ----A---- C:\windows\SysWOW64\MSSTDFMT.DLL 2010-08-31 21:06:58 ----D---- C:\Program Files (x86)\SpywareBlaster 2010-08-31 15:08:28 ----D---- C:\Program Files (x86)\Avira 2010-08-29 17:11:01 ----A---- C:\windows\SysWOW64\PerfStringBackup.INI 2010-08-29 15:30:44 ----D---- C:\Program Files (x86)\Common Files\Java 2010-08-29 15:30:30 ----A---- C:\windows\SysWOW64\deployJava1.dll 2010-08-29 15:20:56 ----D---- C:\windows\Sun 2010-08-25 14:29:51 ----D---- C:\windows\ERDNT 2010-08-25 14:28:57 ----D---- C:\Program Files (x86)\ERUNT 2010-08-25 08:41:37 ----A---- C:\windows\SysWOW64\oleaut32.dll 2010-08-12 11:41:51 ----A---- C:\windows\SysWOW64\schannel.dll 2010-08-12 11:41:30 ----A---- C:\windows\SysWOW64\ntkrnlpa.exe 2010-08-12 11:41:28 ----A---- C:\windows\SysWOW64\ntoskrnl.exe 2010-08-12 11:41:23 ----A---- C:\windows\SysWOW64\mshtml.dll 2010-08-12 11:41:22 ----A---- C:\windows\SysWOW64\ieframe.dll 2010-08-12 11:41:21 ----A---- C:\windows\SysWOW64\wininet.dll 2010-08-12 11:41:21 ----A---- C:\windows\SysWOW64\urlmon.dll 2010-08-12 11:41:20 ----A---- C:\windows\SysWOW64\mstime.dll 2010-08-12 11:41:20 ----A---- C:\windows\SysWOW64\msfeedsbs.dll 2010-08-12 11:41:20 ----A---- C:\windows\SysWOW64\ieui.dll 2010-08-12 11:41:20 ----A---- C:\windows\SysWOW64\iepeers.dll 2010-08-12 11:41:20 ----A---- C:\windows\SysWOW64\iedkcs32.dll 2010-08-12 11:41:19 ----A---- C:\windows\SysWOW64\msfeedssync.exe 2010-08-12 11:41:19 ----A---- C:\windows\SysWOW64\jsproxy.dll 2010-08-12 11:41:08 ----A---- C:\windows\SysWOW64\rtutils.dll 2010-08-12 11:41:07 ----A---- C:\windows\SysWOW64\iccvid.dll 2010-08-12 11:41:04 ----A---- C:\windows\SysWOW64\msxml3.dll 2010-08-12 00:49:55 ----D---- C:\Users\Kimberly\AppData\Roaming\Malwarebytes 2010-08-12 00:49:27 ----A---- C:\windows\SysWOW64\drivers\mbamswissarmy.sys 2010-08-12 00:49:26 ----D---- C:\ProgramData\Malwarebytes 2010-08-12 00:49:26 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2010-08-11 22:31:12 ----A---- C:\windows\ntbtlog.txt 2010-08-02 15:10:22 ----A---- C:\windows\SysWOW64\shell32.dll 2010-07-31 21:19:26 ----D---- C:\Program Files (x86)\SBC Yahoo! 2010-07-24 23:38:13 ----D---- C:\Users\Kimberly\AppData\Roaming\Apple Computer 2010-07-24 23:37:59 ----A---- C:\windows\SysWOW64\GEARAspi.dll 2010-07-24 23:37:28 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-07-24 23:36:21 ----D---- C:\ProgramData\Apple Computer 2010-07-24 23:36:13 ----D---- C:\Program Files (x86)\Apple Software Update 2010-07-24 23:35:55 ----D---- C:\Program Files (x86)\Bonjour 2010-07-24 23:35:50 ----D---- C:\ProgramData\Apple 2010-07-24 23:35:50 ----D---- C:\Program Files (x86)\Common Files\Apple 2010-07-24 21:02:24 ----D---- C:\Users\Kimberly\AppData\Roaming\Mozilla 2010-07-24 21:00:20 ----D---- C:\Program Files (x86)\Ask.com 2010-07-24 20:50:29 ----D---- C:\ProgramData\Sun 2010-07-24 20:50:21 ----A---- C:\windows\SysWOW64\javaws.exe 2010-07-24 20:50:21 ----A---- C:\windows\SysWOW64\javaw.exe 2010-07-24 20:50:21 ----A---- C:\windows\SysWOW64\java.exe 2010-07-24 20:50:07 ----D---- C:\Program Files (x86)\Java 2010-07-24 20:47:23 ----D---- C:\Program Files (x86)\LimeWire 2010-07-22 10:35:09 ----D---- C:\ProgramData\Visan 2010-07-22 09:09:24 ----D---- C:\Program Files (x86)\MSXML 4.0 2010-07-18 16:54:22 ----D---- C:\ProgramData\WEBREG 2010-07-18 16:53:06 ----D---- C:\Users\Kimberly\AppData\Roaming\HP 2010-07-18 16:50:19 ----D---- C:\Users\Kimberly\AppData\Roaming\Yahoo! 2010-07-18 16:50:18 ----D---- C:\Program Files (x86)\Yahoo! 2010-07-18 16:50:09 ----D---- C:\Program Files (x86)\Coupons 2010-07-18 16:49:51 ----D---- C:\ProgramData\HP Photo Creations 2010-07-18 16:49:51 ----D---- C:\Program Files (x86)\HP Photo Creations 2010-07-18 16:49:44 ----D---- C:\Users\Kimberly\AppData\Roaming\HpUpdate 2010-07-18 16:48:45 ----D---- C:\ProgramData\HP Product Assistant 2010-07-18 16:47:23 ----D---- C:\Program Files (x86)\Common Files\HP 2010-07-18 16:47:15 ----D---- C:\Program Files (x86)\Common Files\Hewlett-Packard 2010-07-18 16:44:51 ----D---- C:\Program Files (x86)\HP 2010-07-18 16:40:23 ----D---- C:\ProgramData\HP 2010-07-07 18:46:08 ----D---- C:\windows\SysWOW64\Wat 2010-07-07 13:39:34 ----A---- C:\windows\SysWOW64\PresentationHostProxy.dll 2010-07-07 13:39:34 ----A---- C:\windows\SysWOW64\PresentationHost.exe 2010-07-07 13:39:34 ----A---- C:\windows\SysWOW64\netfxperf.dll 2010-07-07 13:39:34 ----A---- C:\windows\SysWOW64\mscoree.dll 2010-07-07 13:39:34 ----A---- C:\windows\SysWOW64\dfshim.dll 2010-07-06 23:04:14 ----A---- C:\windows\SysWOW64\tzres.dll 2010-07-06 23:02:53 ----A---- C:\windows\SysWOW64\asycfilt.dll 2010-07-06 23:02:26 ----A---- C:\windows\SysWOW64\ntdll.dll 2010-07-06 23:01:56 ----A---- C:\windows\SysWOW64\vbscript.dll 2010-07-06 23:01:28 ----A---- C:\windows\SysWOW64\inetcomm.dll 2010-07-06 23:00:31 ----A---- C:\windows\SysWOW64\wow32.dll 2010-07-06 23:00:31 ----A---- C:\windows\SysWOW64\user.exe 2010-07-06 23:00:31 ----A---- C:\windows\SysWOW64\setup16.exe 2010-07-06 23:00:31 ----A---- C:\windows\SysWOW64\ntvdm64.dll 2010-07-06 23:00:31 ----A---- C:\windows\SysWOW64\instnm.exe 2010-07-06 22:57:03 ----A---- C:\windows\SysWOW64\CPFilters.dll 2010-07-06 22:57:02 ----A---- C:\windows\SysWOW64\psisdecd.dll 2010-07-06 22:55:45 ----A---- C:\windows\SysWOW64\jscript.dll 2010-07-06 22:55:17 ----A---- C:\windows\SysWOW64\sspicli.dll 2010-07-06 22:55:17 ----A---- C:\windows\SysWOW64\secur32.dll 2010-07-06 22:53:53 ----A---- C:\windows\SysWOW64\atmlib.dll 2010-07-06 22:53:53 ----A---- C:\windows\SysWOW64\atmfd.dll 2010-07-05 19:36:50 ----D---- C:\Program Files (x86)\Common Files\DESIGNER 2010-07-05 19:36:38 ----D---- C:\Program Files (x86)\Microsoft.NET 2010-07-05 19:34:51 ----D---- C:\Program Files (x86)\Microsoft Analysis Services 2010-07-05 19:34:21 ----D---- C:\ProgramData\Microsoft Help 2010-07-05 19:34:08 ----RHD---- C:\MSOCache 2010-07-05 19:02:03 ----D---- C:\Users\Kimberly\AppData\Roaming\Macromedia 2010-07-05 18:53:15 ----D---- C:\Users\Kimberly\AppData\Roaming\Adobe 2010-07-05 18:53:00 ----D---- C:\Users\Kimberly\AppData\Roaming\Google 2010-07-05 18:41:58 ----D---- C:\Users\Kimberly\AppData\Roaming\InstallShield 2010-07-05 18:35:46 ----D---- C:\Users\Kimberly\AppData\Roaming\Identities 2010-07-05 18:35:39 ----A---- C:\windows\SysWOW64\wintrust.dll 2010-07-05 18:35:38 ----A---- C:\windows\SysWOW64\cabview.dll 2010-07-05 18:32:56 ----SD---- C:\Users\Kimberly\AppData\Roaming\Microsoft 2010-07-05 18:32:56 ----D---- C:\Users\Kimberly\AppData\Roaming\Media Center Programs 2010-07-05 18:32:38 ----SHD---- C:\Recovery ======List of files/folders modified in the last 3 months====== 2010-09-18 20:57:09 ----RD---- C:\Program Files (x86) 2010-09-18 20:07:14 ----D---- C:\windows\Temp 2010-09-18 20:02:29 ----SHD---- C:\System Volume Information 2010-09-18 19:51:41 ----D---- C:\windows\Prefetch 2010-09-18 19:17:15 ----D---- C:\windows\SysWOW64\drivers 2010-09-18 19:17:14 ----HD---- C:\ProgramData 2010-09-16 10:02:55 ----D---- C:\windows\winsxs 2010-09-16 10:01:39 ----D---- C:\windows\SysWOW64 2010-09-16 10:01:39 ----D---- C:\windows\System32 2010-09-15 21:54:52 ----SHD---- C:\windows\Installer 2010-09-08 12:33:57 ----D---- C:\Windows 2010-09-08 08:33:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-09-07 08:20:26 ----RD---- C:\Program Files 2010-09-07 08:18:43 ----D---- C:\windows\inf 2010-09-05 20:56:53 ----D---- C:\windows\Downloaded Program Files 2010-09-03 23:06:16 ----D---- C:\ProgramData\Adobe 2010-09-03 22:58:45 ----D---- C:\Program Files (x86)\Common Files 2010-08-31 22:10:50 ----RSD---- C:\windows\assembly 2010-08-31 22:10:50 ----D---- C:\windows\Microsoft.NET 2010-08-31 20:47:50 ----D---- C:\windows\SysWOW64\en-US 2010-08-31 20:46:19 ----D---- C:\windows\debug 2010-08-29 15:06:00 ----D---- C:\windows\Tasks 2010-08-26 16:00:22 ----D---- C:\windows\AppPatch 2010-08-22 21:53:57 ----D---- C:\windows\SysWOW64\migration 2010-08-22 21:53:57 ----D---- C:\Program Files (x86)\Internet Explorer 2010-08-22 21:45:39 ----SD---- C:\ProgramData\Microsoft 2010-08-11 23:29:53 ----SHD---- C:\$Recycle.Bin 2010-08-11 23:29:46 ----RD---- C:\Users 2010-07-31 19:49:02 ----D---- C:\ProgramData\Partner 2010-07-20 14:13:44 ----D---- C:\windows\LiveKernelReports 2010-07-18 16:53:04 ----A---- C:\windows\win.ini 2010-07-18 16:52:18 ----D---- C:\windows\twain_32 2010-07-18 16:49:00 ----RSD---- C:\windows\Fonts 2010-07-07 14:15:29 ----D---- C:\windows\rescache 2010-07-07 14:14:30 ----D---- C:\windows\Logs 2010-07-07 13:44:40 ----D---- C:\Program Files (x86)\Windows Mail 2010-07-07 13:44:36 ----D---- C:\windows\ehome 2010-07-05 23:29:47 ----D---- C:\ProgramData\CyberLink 2010-07-05 19:59:12 ----D---- C:\Program Files (x86)\Google 2010-07-05 19:40:11 ----D---- C:\Program Files (x86)\Microsoft Office 2010-07-05 19:37:22 ----D---- C:\windows\ShellNew 2010-07-05 19:37:21 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2010-07-05 19:34:55 ----D---- C:\Program Files (x86)\Common Files\System 2010-07-05 18:43:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2010-07-05 18:35:14 ----D---- C:\windows\MSetup 2010-07-05 18:33:56 ----D---- C:\Program Files (x86)\CyberLink 2010-07-05 18:33:39 ----D---- C:\ProgramData\Temp 2010-07-05 18:32:37 ----D---- C:\windows\SoftwareDistribution ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [] R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [] R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [] R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [] R2 TurboB;Turbo Boost UI Monitor driver; C:\windows\system32\DRIVERS\TurboB.sys [] R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [] R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [] S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [] S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [] S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [] S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [] S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2010-06-09 15144] S3 StillCam;Still Serial Digital Camera Driver; C:\windows\system32\DRIVERS\serscan.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [] S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2010-09-18 337064] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-09-18 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-09-18 267432] R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2010-09-18 405672] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672] R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376] R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\windows\system32\svchost.exe [2009-07-13 20992] R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-13 20992] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464] R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-13 20992] R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-13 20992] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-07 247152] R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-13 20992] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 932640] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 135664] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-17 182768] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [] -----------------EOF----------------- Info.txt: info.txt logfile of random's system information tool 1.08 2010-09-18 20:57:21 ======Uninstall list====== -->C:\ProgramData\{249B9E04-F0FC-434D-B0D8-12D3EDFF3B77}\Best Buy Software Installer Setup.exe -->C:\windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex Adobe Flash Player 10 Plugin-->MsiExec.exe /X{AF36CE1D-FD2C-4BA0-93FA-1196785DD610} Adobe Reader 9.3.4-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001} Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D} Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1} Atheros Client Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{D1434266-0486-4469-B338-A60082CC04E1}\setup.exe" -runfromtemp -l0x0009 -removeonly Avira AntiVir Premium-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE BatteryLifeExtender-->MsiExec.exe /I{08B67A13-8501-48CB-B747-9D413BDC4594} Best Buy Software Installer-->"C:\ProgramData\{249B9E04-F0FC-434D-B0D8-12D3EDFF3B77}\Best Buy Software Installer Setup.exe" REMOVE=TRUE MODIFY=FALSE ChargeableUSB-->"C:\Program Files (x86)\InstallShield Installation Information\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}\setup.exe" -runfromtemp -l0x0009Remove -removeonly Coupon Printer for Windows-->"C:\Program Files (x86)\Coupons\uninstall.exe" "/U:C:\Program Files (x86)\Coupons\Uninstall\uninstall.xml" CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall CyberLink PowerProducer-->"C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall CyberLink PowerProducer-->"C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{8A1600D2-B038-4F73-851E-946B0155810E}" "1033" "0" Easy Content Share-->MsiExec.exe /I{2DDC70C1-C77A-4D08-89D2-9AB648504533} Easy Display Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -runfromtemp -l0x0009 -removeonly Easy Network Manager-->MsiExec.exe /I{F771F1D4-EDD4-4D68-82DC-811583C099CD} Easy SpeedUp Manager-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EF367AA4-070B-493C-9575-85BE59D789C9}\setup.exe" -l0x9 Remove EasyBatteryManager-->"C:\Program Files (x86)\InstallShield Installation Information\{4A331D24-A9E8-484F-835E-1BA7B139689C}\setup.exe" -runfromtemp -l0x0009 -removeonly EasyFileShare-->MsiExec.exe /I{C4582EED-A3FB-4358-8F3F-8C994460DF28} ERUNT 1.1j-->"C:\Program Files (x86)\ERUNT\unins000.exe" Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HP Photo Creations-->C:\Program Files (x86)\HP Photo Creations\uninst.exe HP Update-->MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86} Intel® Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall Intel® Turbo Boost Technology Driver-->C:\Program Files (x86)\Intel\Intel® Turbo Boost Technology Driver\Uninstall\setup.exe -uninstall -iips Java 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Marvell Miniport Driver-->C:\Program Files (x86)\Marvell\Miniport Driver\Uninst.exe Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE} Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE} Microsoft Office Professional 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE} Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE} Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MultimediaPOP-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B922DA9D-747A-4681-A730-D14326C6738F}\setup.exe" -l0x9 Remove QuickTime-->MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025} Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly Samsung Recovery Solution 4-->"C:\Program Files (x86)\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x0009 -removeonly Samsung Support Center-->MsiExec.exe /I{F687E657-F636-44DF-8125-9FEEA2C362F5} Samsung Update Plus-->"C:\Program Files (x86)\InstallShield Installation Information\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}\setup.exe" -runfromtemp -l0x0009 -removeonly SpywareBlaster 4.4-->"C:\Program Files (x86)\SpywareBlaster\unins000.exe" Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1033" "0" Update for Microsoft OneNote 2010 (KB2288640)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{521AB5E8-5FFF-45C8-B750-6967F8C0A2B9}" "1033" "0" Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{E966C940-CC8C-4EC0-8D84-ED27AC20D53C}" "1033" "0" Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}" "1033" "0" User Guide-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe" -l0x9 Remove Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87} Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5} Windows Live Movie Maker-->MsiExec.exe /X{3D5044A5-97B8-45C0-B956-BB2376569188} Windows Live Photo Gallery-->MsiExec.exe /X{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA} Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5} Windows Live Sync-->MsiExec.exe /X{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1} Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985} ======Hosts File====== 127.0.0.1 localhost 127.0.0.1 fr.a2dfp.net 127.0.0.1 m.fr.a2dfp.net 127.0.0.1 ad.a8.net 127.0.0.1 asy.a8ww.net 127.0.0.1 abcstats.com 127.0.0.1 a.abv.bg 127.0.0.1 adserver.abv.bg 127.0.0.1 adv.abv.bg 127.0.0.1 bimg.abv.bg ======System event log====== Computer Name: Kimberly-PC Event Code: 16393 Message: BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80040501. Record Number: 2777 Source Name: Microsoft-Windows-Bits-Client Time Written: 20100705235732.592494-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Kimberly-PC Event Code: 16393 Message: BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80040501. Record Number: 2776 Source Name: Microsoft-Windows-Bits-Client Time Written: 20100705235659.016035-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Kimberly-PC Event Code: 16393 Message: BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80040501. Record Number: 2774 Source Name: Microsoft-Windows-Bits-Client Time Written: 20100705235524.233867-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Kimberly-PC Event Code: 4001 Message: WLAN AutoConfig service has successfully stopped. Record Number: 2643 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20100705233918.212572-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Kimberly-PC Event Code: 4001 Message: WLAN AutoConfig service has successfully stopped. Record Number: 2396 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20100609095816.829858-000 Event Type: Warning User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: Kimberly-PC Event Code: 1533 Message: Windows cannot delete the profile directory C:\Users\Administrator. This error may be caused by files in this directory being used by another program. DETAIL - The directory is not empty. Record Number: 812 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20100705233239.473804-000 Event Type: Error User: NT AUTHORITY\SYSTEM Computer Name: Kimberly-PC Event Code: 11 Message: Possible Memory Leak. Application (C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 288) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application. Record Number: 811 Source Name: Microsoft-Windows-RPC-Events Time Written: 20100705233236.868599-000 Event Type: Warning User: NT AUTHORITY\LOCAL SERVICE Computer Name: Kimberly-PC Event Code: 1008 Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}. Record Number: 794 Source Name: Microsoft-Windows-Search Time Written: 20100705223014.000000-000 Event Type: Warning User: Computer Name: WIN-K508ND8ETEK Event Code: 35 Message: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis. Record Number: 782 Source Name: SideBySide Time Written: 20100609095811.000000-000 Event Type: Error User: Computer Name: WIN-K508ND8ETEK Event Code: 35 Message: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis. Record Number: 781 Source Name: SideBySide Time Written: 20100609095811.000000-000 Event Type: Error User: =====Security event log===== Computer Name: WIN-K508ND8ETEK Event Code: 4738 Message: A user account was changed. Subject: Security ID: S-1-5-21-114453956-2636402065-546677835-500 Account Name: Administrator Account Domain: WIN-K508ND8ETEK Logon ID: 0x30c7f Target Account: Security ID: S-1-5-21-114453956-2636402065-546677835-500 Account Name: Administrator Account Domain: WIN-K508ND8ETEK Changed Attributes: SAM Account Name: - Display Name: - User Principal Name: - Home Directory: - Home Drive: - Script Path: - Profile Path: - User Workstations: - Password Last Set: - Account Expires: - Primary Group ID: - AllowedToDelegateTo: - Old UAC Value: 0x210 New UAC Value: 0x211 User Account Control: Account Disabled User Parameters: - SID History: - Logon Hours: - Additional Information: Privileges: - Record Number: 636 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100609095811.751992-000 Event Type: Audit Success User: Computer Name: WIN-K508ND8ETEK Event Code: 4725 Message: A user account was disabled. Subject: Security ID: S-1-5-21-114453956-2636402065-546677835-500 Account Name: Administrator Account Domain: WIN-K508ND8ETEK Logon ID: 0x30c7f Target Account: Security ID: S-1-5-21-114453956-2636402065-546677835-500 Account Name: Administrator Account Domain: WIN-K508ND8ETEK Record Number: 635 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100609095811.751992-000 Event Type: Audit Success User: Computer Name: WIN-K508ND8ETEK Event Code: 4672 Message: Special privileges assigned to new logon. Subject: Security ID: S-1-5-18 Account Name: SYSTEM Account Domain: NT AUTHORITY Logon ID: 0x3e7 Privileges: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 634 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100609095803.976547-000 Event Type: Audit Success User: Computer Name: WIN-K508ND8ETEK Event Code: 4624 Message: An account was successfully logged on. Subject: Security ID: S-1-5-18 Account Name: WIN-K508ND8ETEK$ Account Domain: WORKGROUP Logon ID: 0x3e7 Logon Type: 5 New Logon: Security ID: S-1-5-18 Account Name: SYSTEM Account Domain: NT AUTHORITY Logon ID: 0x3e7 Logon GUID: {00000000-0000-0000-0000-000000000000} Process Information: Process ID: 0x220 Process Name: C:\Windows\System32\services.exe Network Information: Workstation Name: Source Network Address: - Source Port: - Detailed Authentication Information: Logon Process: Advapi Authentication Package: Negotiate Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon session is created. It is generated on the computer that was accessed. The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network). The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on. The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The authentication information fields provide detailed information about this specific logon request. - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested. Record Number: 633 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100609095803.976547-000 Event Type: Audit Success User: Computer Name: WIN-K508ND8ETEK Event Code: 1102 Message: The audit log was cleared. Subject: Security ID: S-1-5-21-114453956-2636402065-546677835-500 Account Name: Administrator Domain Name: WIN-K508ND8ETEK Logon ID: 0x30c7f Record Number: 632 Source Name: Microsoft-Windows-Eventlog Time Written: 20100609095804.827596-000 Event Type: Audit Success User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel "PROCESSOR_REVISION"=2505 "asl.log"=Destination=file;OnFirstLog=command,environment,parent "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------
  3. Sorry, I didn't realize we had gone to a 4th page and didn't see your response. I purchased MBAM just now, and removed Avira since you said not to have two antivirus programs on my computer at the same time. But now my computer is telling me that it cannot detect antivrus software on my computer. Should I be concerned?
  4. No Security Suite yet, I am still having issues with redirects from Google though. I ran a scan on MBAM a few days ago and it showed Security Suite still. Here is the log: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4563 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 9/7/2010 2:35:24 PM mbam-log-2010-09-07 (14-35-24).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 247915 Time elapsed: 39 minute(s), 49 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\wnxmal (Rogue.SecuritySuite) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  5. I'm on my computer at work right now but I haven't been using my personal laptop for anything other than what you've asked so I haven't been on it too much to notice. Is it okay for me to use normally for a day or two and see if anything unusual happens?
  6. There are two more logs that I can tell (one long, one short) and I'm not sure which ones you need so I'm posting the others so you have as much information as you need to figure out the next step for your next post /--------------------------------------------------------------\ | Trend Micro System Cleaner | | Copyright 2009-2010, Trend Micro, Inc. | | http://www.trendmicro.com | \--------------------------------------------------------------/ 2010-09-01, 23:35:56, Auto-clean mode specified. 2010-09-01, 23:35:59, Failed to initialize Rootkit Driver. 2010-09-01, 23:35:59, Running scanner "C:\Sysclean\sysclean\TSC.BIN"... 2010-09-01, 23:36:21, Scanner "C:\Sysclean\sysclean\TSC.BIN" has finished running. 2010-09-01, 23:36:21, TSC Log:
  7. I will post the log below. I'm confused about what it found. When I rebooted my computer from safe mode my desktop background picture is no longer there and my homepage isn't set anymore. Thats all I've noticed for now, is that suppose to happen? There are alot of files in the folder I created now so I'm not positive what all you'll need me to post for you to see so just let me know if there's something else I need to copy and paste on here for you. Damage Cleanup Engine (DCE) 6.2(Build 1016) (RCM: Driver not ready!) Windows 7(Build 7600: ) Start time : Wed Sep 01 2010 23:48:19 Load Damage Cleanup Template (DCT) "C:\Sysclean\sysclean\TMRDCT.ptn" (version ) [fail] Load Damage Cleanup Template (DCT) "C:\Sysclean\sysclean\tsc.ptn" (version 1092) [success] Normal File Check for Detected File "C:\Users\Kimberly\AppData\Local\Temp\Temp1_tdsskiller.zip\TDSSKiller.exe" (Virus Name Cryp_Xed-16): Normal file check result 0x00000002, from "Kaspersky Lab [D]". TSC_GENCLEAN[virus found] -->delete file("C:\Users\Kimberly\AppData\Local\Temp\Temp1_tdsskiller.zip\TDSSKiller.exe","","") success -->add folder("C:\Sysclean\sysclean\TSC_Temp","","") success -->copy file("C:\Sysclean\sysclean\tsc.bin","C:\Sysclean\sysclean\TSC_Temp\tsc.exe","") success -->copy file("C:\Sysclean\sysclean\tsc.ini","C:\Sysclean\sysclean\TSC_Temp\tsc.ini","") success -->copy file("C:\Sysclean\sysclean\tsc.ptn","C:\Sysclean\sysclean\TSC_Temp\tsc.ptn","") success -->add file("C:\Sysclean\sysclean\TSC_Temp\DEADLINKS.INI","","") success -->modify file("C:\Sysclean\sysclean\TSC_Temp\DEADLINKS.INI","","") success -->modify file("C:\Sysclean\sysclean\TSC_Temp\DEADLINKS.INI","","") success -->modify registry data("HKEY_LOCAL_MACHINE","Software\Microsoft\Windows\CurrentVersion\RunOnce","TSC") success -->delete registry value("HKEY_LOCAL_MACHINE","Software\Microsoft\Windows\CurrentVersion\Policies\System","DisableTaskMgr") success -->delete registry value("HKEY_LOCAL_MACHINE","Software\Microsoft\Windows\CurrentVersion\Policies\System","DisableRegistryTools") success -->delete registry value("HKEY_LOCAL_MACHINE","Software\Microsoft\Windows\CurrentVersion\Policies\Explorer","NoFolderOptions") success -->delete registry value("HKEY_LOCAL_MACHINE","Software\Microsoft\Windows\CurrentVersion\Policies\Explorer","NoControlPanel") success -->modify registry data("n/a","Control Panel\Desktop","WallPaper") success -->modify registry data("HKEY_LOCAL_MACHINE","Software\Microsoft\Internet Explorer\Main","Start page") success -->modify registry data("n/a","Software\Microsoft\Internet Explorer\Main","Start page") success -->delete registry value("HKEY_LOCAL_MACHINE","SOFTWARE\Policies\Microsoft\Windows\System","DisableCMD") success -->modify registry data("n/a","Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced","ShowSuperHidden") success -->modify registry data("n/a","Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced","HideFileExt") success -->modify registry data("HKEY_LOCAL_MACHINE","SYSTEM\CurrentControlSet\Services\RemoteRegistry","Start") success GenericClean::Pattern:TSC_GENCLEAN,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\AppData\Local\Temp\Temp1_tdsskiller.zip\TDSSKiller.exe GenericClean::Pattern:WORM_DOWNAD,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\AppData\Local\Temp\Temp1_tdsskiller.zip\TDSSKiller.exe GenericClean::Pattern:PE_PATCHEP.A,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\AppData\Local\Temp\Temp1_tdsskiller.zip\TDSSKiller.exe GenericClean::Pattern:BKDR_TIDIES,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\AppData\Local\Temp\Temp1_tdsskiller.zip\TDSSKiller.exe Complete time : Wed Sep 01 2010 23:48:20 Execute pattern count(4), Virus found count(1), Virus clean count(1), Clean failed count(0) Damage Cleanup Engine (DCE) 6.2(Build 1016) (RCM: Driver not ready!) Windows 7(Build 7600: ) Start time : Wed Sep 01 2010 23:48:46 Load Damage Cleanup Template (DCT) "C:\Sysclean\sysclean\TMRDCT.ptn" (version ) [fail] Load Damage Cleanup Template (DCT) "C:\Sysclean\sysclean\tsc.ptn" (version 1092) [success] Normal File Check for Detected File "C:\Users\Kimberly\Desktop\tdsskiller\TDSSKiller.exe" (Virus Name Cryp_Xed-16): Normal file check result 0x00000002, from "Kaspersky Lab [D]". TSC_GENCLEAN[virus found] -->delete file("C:\Users\Kimberly\Desktop\tdsskiller\TDSSKiller.exe","","") success -->delete file("C:\Sysclean\sysclean\TSC_Temp\tsc.exe","","") success -->copy file("C:\Sysclean\sysclean\tsc.bin","C:\Sysclean\sysclean\TSC_Temp\tsc.exe","") success -->delete file("C:\Sysclean\sysclean\TSC_Temp\tsc.ini","","") success -->copy file("C:\Sysclean\sysclean\tsc.ini","C:\Sysclean\sysclean\TSC_Temp\tsc.ini","") success -->delete file("C:\Sysclean\sysclean\TSC_Temp\tsc.ptn","","") success -->copy file("C:\Sysclean\sysclean\tsc.ptn","C:\Sysclean\sysclean\TSC_Temp\tsc.ptn","") success -->modify file("C:\Sysclean\sysclean\TSC_Temp\DEADLINKS.INI","","") success GenericClean::Pattern:TSC_GENCLEAN,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\tdsskiller\TDSSKiller.exe GenericClean::Pattern:WORM_DOWNAD,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\tdsskiller\TDSSKiller.exe GenericClean::Pattern:PE_PATCHEP.A,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\tdsskiller\TDSSKiller.exe GenericClean::Pattern:BKDR_TIDIES,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\tdsskiller\TDSSKiller.exe Complete time : Wed Sep 01 2010 23:48:47 Execute pattern count(4), Virus found count(1), Virus clean count(1), Clean failed count(0) Damage Cleanup Engine (DCE) 6.2(Build 1016) (RCM: Driver not ready!) Windows 7(Build 7600: ) Start time : Wed Sep 01 2010 23:48:47 Load Damage Cleanup Template (DCT) "C:\Sysclean\sysclean\TMRDCT.ptn" (version ) [fail] Load Damage Cleanup Template (DCT) "C:\Sysclean\sysclean\tsc.ptn" (version 1092) [success] Normal File Check for Detected File "C:\Users\Kimberly\Desktop\TDSSKiller.exe" (Virus Name Cryp_Xed-16): Normal file check result 0x00000002, from "Kaspersky Lab [D]". TSC_GENCLEAN[virus found] -->delete file("C:\Users\Kimberly\Desktop\TDSSKiller.exe","","") success -->delete file("C:\Sysclean\sysclean\TSC_Temp\tsc.exe","","") success -->copy file("C:\Sysclean\sysclean\tsc.bin","C:\Sysclean\sysclean\TSC_Temp\tsc.exe","") success -->delete file("C:\Sysclean\sysclean\TSC_Temp\tsc.ini","","") success -->copy file("C:\Sysclean\sysclean\tsc.ini","C:\Sysclean\sysclean\TSC_Temp\tsc.ini","") success -->delete file("C:\Sysclean\sysclean\TSC_Temp\tsc.ptn","","") success -->copy file("C:\Sysclean\sysclean\tsc.ptn","C:\Sysclean\sysclean\TSC_Temp\tsc.ptn","") success -->modify file("C:\Sysclean\sysclean\TSC_Temp\DEADLINKS.INI","","") success GenericClean::Pattern:TSC_GENCLEAN,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\TDSSKiller.exe GenericClean::Pattern:WORM_DOWNAD,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\TDSSKiller.exe GenericClean::Pattern:PE_PATCHEP.A,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\TDSSKiller.exe GenericClean::Pattern:BKDR_TIDIES,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\TDSSKiller.exe Complete time : Wed Sep 01 2010 23:48:47 Execute pattern count(4), Virus found count(1), Virus clean count(1), Clean failed count(0) Damage Cleanup Engine (DCE) 6.2(Build 1016) (RCM: Driver not ready!) Windows 7(Build 7600: ) Start time : Wed Sep 01 2010 23:48:48 Load Damage Cleanup Template (DCT) "C:\Sysclean\sysclean\TMRDCT.ptn" (version ) [fail] Load Damage Cleanup Template (DCT) "C:\Sysclean\sysclean\tsc.ptn" (version 1092) [success] GenericClean::Pattern:TSC_GENCLEAN,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\tdsskiller.zip GenericClean::Pattern:WORM_DOWNAD,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\tdsskiller.zip GenericClean::Pattern:PE_PATCHEP.A,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\tdsskiller.zip GenericClean::Pattern:BKDR_TIDIES,Virus Name:Cryp_Xed-16,Virus File Path:C:\Users\Kimberly\Desktop\tdsskiller.zip Complete time : Wed Sep 01 2010 23:48:48 Execute pattern count(4), Virus found count(0), Virus clean count(0), Clean failed count(0)
  8. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4524 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 9/1/2010 1:48:24 PM mbam-log-2010-09-01 (13-48-24).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 245790 Time elapsed: 28 minute(s), 25 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  9. 2010/09/01 12:08:14.0338 TDSS rootkit removing tool 2.4.1.4 Aug 31 2010 16:55:25 2010/09/01 12:08:14.0338 ================================================================================ 2010/09/01 12:08:14.0338 SystemInfo: 2010/09/01 12:08:14.0338 2010/09/01 12:08:14.0338 OS Version: 6.1.7600 ServicePack: 0.0 2010/09/01 12:08:14.0338 Product type: Workstation 2010/09/01 12:08:14.0338 ComputerName: KIMBERLY-PC 2010/09/01 12:08:14.0338 UserName: Kimberly 2010/09/01 12:08:14.0338 Windows directory: C:\windows 2010/09/01 12:08:14.0338 System windows directory: C:\windows 2010/09/01 12:08:14.0338 Running under WOW64 2010/09/01 12:08:14.0338 Processor architecture: Intel x64 2010/09/01 12:08:14.0338 Number of processors: 4 2010/09/01 12:08:14.0338 Page size: 0x1000 2010/09/01 12:08:14.0338 Boot type: Normal boot 2010/09/01 12:08:14.0338 ================================================================================ 2010/09/01 12:08:14.0338 Utility is running under WOW64, functionality is limited. 2010/09/01 12:08:15.0040 Initialize success 2010/09/01 12:08:16.0241 ================================================================================ 2010/09/01 12:08:16.0241 Scan started 2010/09/01 12:08:16.0241 Mode: Manual; 2010/09/01 12:08:16.0241 ================================================================================ 2010/09/01 12:08:16.0709 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\windows\system32\DRIVERS\1394ohci.sys 2010/09/01 12:08:16.0756 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys 2010/09/01 12:08:16.0819 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys 2010/09/01 12:08:16.0865 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys 2010/09/01 12:08:16.0912 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys 2010/09/01 12:08:16.0959 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys 2010/09/01 12:08:17.0053 AFD (b9384e03479d2506bc924c16a3db87bc) C:\windows\system32\drivers\afd.sys 2010/09/01 12:08:17.0115 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys 2010/09/01 12:08:17.0177 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys 2010/09/01 12:08:17.0224 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys 2010/09/01 12:08:17.0287 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys 2010/09/01 12:08:17.0318 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys 2010/09/01 12:08:17.0365 amdsata (7a4b413614c055935567cf88a9734d38) C:\windows\system32\DRIVERS\amdsata.sys 2010/09/01 12:08:17.0411 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys 2010/09/01 12:08:17.0458 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\windows\system32\DRIVERS\amdxata.sys 2010/09/01 12:08:17.0567 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys 2010/09/01 12:08:17.0677 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys 2010/09/01 12:08:17.0723 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys 2010/09/01 12:08:17.0770 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys 2010/09/01 12:08:18.0878 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys 2010/09/01 12:08:18.0972 athr (cca705cdf038d5bc243203ce4416b345) C:\windows\system32\DRIVERS\athrx.sys 2010/09/01 12:08:19.0174 avgntflt (ed2b23707f19ccc1b2a4382b05d31481) C:\windows\system32\DRIVERS\avgntflt.sys 2010/09/01 12:08:19.0221 avipbb (c98fa6e5ad0e857d22716bd2b8b1f399) C:\windows\system32\DRIVERS\avipbb.sys 2010/09/01 12:08:19.0330 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys 2010/09/01 12:08:19.0393 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys 2010/09/01 12:08:19.0471 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys 2010/09/01 12:08:19.0596 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys 2010/09/01 12:08:19.0658 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\windows\system32\DRIVERS\bowser.sys 2010/09/01 12:08:19.0720 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys 2010/09/01 12:08:19.0783 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys 2010/09/01 12:08:19.0845 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys 2010/09/01 12:08:19.0892 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys 2010/09/01 12:08:19.0923 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys 2010/09/01 12:08:19.0954 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys 2010/09/01 12:08:20.0001 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys 2010/09/01 12:08:20.0095 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys 2010/09/01 12:08:20.0142 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys 2010/09/01 12:08:20.0220 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys 2010/09/01 12:08:20.0282 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys 2010/09/01 12:08:20.0407 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys 2010/09/01 12:08:20.0454 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys 2010/09/01 12:08:20.0500 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\windows\system32\Drivers\cng.sys 2010/09/01 12:08:20.0563 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys 2010/09/01 12:08:20.0625 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys 2010/09/01 12:08:20.0703 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys 2010/09/01 12:08:20.0828 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\windows\system32\Drivers\dfsc.sys 2010/09/01 12:08:20.0906 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys 2010/09/01 12:08:20.0968 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys 2010/09/01 12:08:21.0249 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys 2010/09/01 12:08:21.0358 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\windows\System32\drivers\dxgkrnl.sys 2010/09/01 12:08:21.0546 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys 2010/09/01 12:08:21.0795 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys 2010/09/01 12:08:21.0842 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys 2010/09/01 12:08:21.0967 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys 2010/09/01 12:08:22.0014 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys 2010/09/01 12:08:22.0060 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys 2010/09/01 12:08:22.0170 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys 2010/09/01 12:08:22.0201 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys 2010/09/01 12:08:22.0263 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys 2010/09/01 12:08:22.0310 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys 2010/09/01 12:08:22.0404 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys 2010/09/01 12:08:22.0482 fssfltr (53dab1791917a72738539ad25c4eed7f) C:\windows\system32\DRIVERS\fssfltr.sys 2010/09/01 12:08:22.0575 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys 2010/09/01 12:08:22.0638 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\windows\system32\DRIVERS\fvevol.sys 2010/09/01 12:08:22.0700 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys 2010/09/01 12:08:22.0778 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys 2010/09/01 12:08:22.0918 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys 2010/09/01 12:08:22.0981 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys 2010/09/01 12:08:23.0043 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys 2010/09/01 12:08:23.0106 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys 2010/09/01 12:08:23.0137 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys 2010/09/01 12:08:23.0199 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys 2010/09/01 12:08:23.0262 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys 2010/09/01 12:08:23.0386 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys 2010/09/01 12:08:23.0480 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys 2010/09/01 12:08:23.0542 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys 2010/09/01 12:08:23.0589 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys 2010/09/01 12:08:23.0667 iaStor (abbf174cb394f5c437410a788b7e404a) C:\windows\system32\DRIVERS\iaStor.sys 2010/09/01 12:08:23.0745 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\windows\system32\DRIVERS\iaStorV.sys 2010/09/01 12:08:23.0964 igfx (a87261ef1546325b559374f5689cf5bc) C:\windows\system32\DRIVERS\igdkmd64.sys 2010/09/01 12:08:24.0166 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys 2010/09/01 12:08:24.0369 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\windows\system32\DRIVERS\Impcd.sys 2010/09/01 12:08:24.0478 IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\windows\system32\drivers\RTKVHD64.sys 2010/09/01 12:08:24.0572 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys 2010/09/01 12:08:24.0619 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys 2010/09/01 12:08:24.0712 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys 2010/09/01 12:08:24.0837 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys 2010/09/01 12:08:24.0946 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys 2010/09/01 12:08:25.0056 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys 2010/09/01 12:08:25.0134 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys 2010/09/01 12:08:25.0196 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys 2010/09/01 12:08:25.0243 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys 2010/09/01 12:08:25.0336 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys 2010/09/01 12:08:25.0430 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\windows\system32\Drivers\ksecdd.sys 2010/09/01 12:08:25.0477 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\windows\system32\Drivers\ksecpkg.sys 2010/09/01 12:08:25.0524 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys 2010/09/01 12:08:25.0648 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys 2010/09/01 12:08:25.0758 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys 2010/09/01 12:08:25.0820 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys 2010/09/01 12:08:25.0867 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys 2010/09/01 12:08:25.0914 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys 2010/09/01 12:08:25.0992 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys 2010/09/01 12:08:26.0070 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys 2010/09/01 12:08:26.0148 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys 2010/09/01 12:08:26.0210 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys 2010/09/01 12:08:26.0272 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys 2010/09/01 12:08:26.0350 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys 2010/09/01 12:08:26.0397 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys 2010/09/01 12:08:26.0444 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys 2010/09/01 12:08:26.0491 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys 2010/09/01 12:08:26.0553 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys 2010/09/01 12:08:26.0631 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys 2010/09/01 12:08:26.0725 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\windows\system32\DRIVERS\mrxsmb.sys 2010/09/01 12:08:26.0772 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\windows\system32\DRIVERS\mrxsmb10.sys 2010/09/01 12:08:26.0818 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\windows\system32\DRIVERS\mrxsmb20.sys 2010/09/01 12:08:26.0896 msahci (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys 2010/09/01 12:08:26.0959 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys 2010/09/01 12:08:27.0068 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys 2010/09/01 12:08:27.0099 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys 2010/09/01 12:08:27.0146 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys 2010/09/01 12:08:27.0208 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys 2010/09/01 12:08:27.0255 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys 2010/09/01 12:08:27.0286 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys 2010/09/01 12:08:27.0364 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys 2010/09/01 12:08:27.0442 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys 2010/09/01 12:08:27.0458 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys 2010/09/01 12:08:27.0505 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys 2010/09/01 12:08:27.0552 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys 2010/09/01 12:08:27.0661 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys 2010/09/01 12:08:27.0739 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys 2010/09/01 12:08:27.0801 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys 2010/09/01 12:08:27.0879 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys 2010/09/01 12:08:27.0942 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys 2010/09/01 12:08:28.0004 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys 2010/09/01 12:08:28.0082 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys 2010/09/01 12:08:28.0160 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys 2010/09/01 12:08:28.0222 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys 2010/09/01 12:08:28.0332 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys 2010/09/01 12:08:28.0425 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys 2010/09/01 12:08:28.0472 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys 2010/09/01 12:08:28.0550 Ntfs (356698a13c4630d5b31c37378d469196) C:\windows\system32\drivers\Ntfs.sys 2010/09/01 12:08:28.0628 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys 2010/09/01 12:08:28.0690 NVHDA (181e7fe39211e04128a30708906627d8) C:\windows\system32\drivers\nvhda64v.sys 2010/09/01 12:08:28.0987 nvlddmkm (a518a34f345abf771e66ac48932ffea8) C:\windows\system32\DRIVERS\nvlddmkm.sys 2010/09/01 12:08:29.0236 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\windows\system32\DRIVERS\nvraid.sys 2010/09/01 12:08:29.0268 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\windows\system32\DRIVERS\nvstor.sys 2010/09/01 12:08:29.0330 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys 2010/09/01 12:08:29.0361 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys 2010/09/01 12:08:29.0517 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys 2010/09/01 12:08:29.0580 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys 2010/09/01 12:08:29.0658 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys 2010/09/01 12:08:29.0689 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys 2010/09/01 12:08:29.0736 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys 2010/09/01 12:08:29.0798 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys 2010/09/01 12:08:29.0860 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys 2010/09/01 12:08:30.0157 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys 2010/09/01 12:08:30.0219 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys 2010/09/01 12:08:30.0328 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys 2010/09/01 12:08:30.0406 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys 2010/09/01 12:08:30.0469 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys 2010/09/01 12:08:30.0547 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys 2010/09/01 12:08:30.0609 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys 2010/09/01 12:08:30.0672 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys 2010/09/01 12:08:30.0734 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys 2010/09/01 12:08:30.0796 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys 2010/09/01 12:08:30.0859 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys 2010/09/01 12:08:30.0952 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys 2010/09/01 12:08:31.0015 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys 2010/09/01 12:08:31.0077 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys 2010/09/01 12:08:31.0140 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys 2010/09/01 12:08:31.0202 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys 2010/09/01 12:08:31.0327 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys 2010/09/01 12:08:31.0436 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys 2010/09/01 12:08:31.0654 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys 2010/09/01 12:08:31.0732 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\windows\system32\DRIVERS\Rt64win7.sys 2010/09/01 12:08:32.0013 rtport (4ca0dba9e224473d664c25e411f5a3bd) C:\windows\SysWOW64\drivers\rtport.sys 2010/09/01 12:08:32.0169 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\windows\system32\Drivers\SABI.sys 2010/09/01 12:08:32.0294 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys 2010/09/01 12:08:32.0356 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys 2010/09/01 12:08:32.0481 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys 2010/09/01 12:08:32.0575 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys 2010/09/01 12:08:32.0622 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys 2010/09/01 12:08:32.0700 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys 2010/09/01 12:08:32.0824 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys 2010/09/01 12:08:32.0887 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys 2010/09/01 12:08:32.0934 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\windows\system32\DRIVERS\sffp_sd.sys 2010/09/01 12:08:32.0980 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys 2010/09/01 12:08:33.0090 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys 2010/09/01 12:08:33.0136 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys 2010/09/01 12:08:33.0199 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys 2010/09/01 12:08:33.0292 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys 2010/09/01 12:08:33.0433 srv (43067a65522eaec33d31a12d6fa8e3f4) C:\windows\system32\DRIVERS\srv.sys 2010/09/01 12:08:33.0480 srv2 (03715cf9c30b563da35fc5f2b8f7b8e0) C:\windows\system32\DRIVERS\srv2.sys 2010/09/01 12:08:33.0526 srvnet (fbd09635227a8026c0f7790f604343c6) C:\windows\system32\DRIVERS\srvnet.sys 2010/09/01 12:08:33.0620 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys 2010/09/01 12:08:33.0698 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys 2010/09/01 12:08:33.0776 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys 2010/09/01 12:08:33.0870 SynTP (3c80203c725c28cea5713d1ab242880a) C:\windows\system32\DRIVERS\SynTP.sys 2010/09/01 12:08:34.0072 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\windows\system32\drivers\tcpip.sys 2010/09/01 12:08:34.0150 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\windows\system32\DRIVERS\tcpip.sys 2010/09/01 12:08:34.0228 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys 2010/09/01 12:08:34.0338 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys 2010/09/01 12:08:34.0369 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys 2010/09/01 12:08:34.0431 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys 2010/09/01 12:08:34.0478 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys 2010/09/01 12:08:34.0650 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys 2010/09/01 12:08:34.0743 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys 2010/09/01 12:08:34.0837 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\windows\system32\DRIVERS\TurboB.sys 2010/09/01 12:08:34.0946 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys 2010/09/01 12:08:35.0071 udfs (31ba4a33afab6a69ea092b18017f737f) C:\windows\system32\DRIVERS\udfs.sys 2010/09/01 12:08:35.0211 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys 2010/09/01 12:08:35.0289 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys 2010/09/01 12:08:35.0352 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys 2010/09/01 12:08:35.0445 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\windows\system32\Drivers\usbaapl64.sys 2010/09/01 12:08:35.0508 usbccgp (b26afb54a534d634523c4fb66765b026) C:\windows\system32\DRIVERS\usbccgp.sys 2010/09/01 12:08:35.0554 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys 2010/09/01 12:08:35.0617 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\windows\system32\DRIVERS\usbehci.sys 2010/09/01 12:08:35.0679 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\windows\system32\DRIVERS\usbhub.sys 2010/09/01 12:08:35.0726 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys 2010/09/01 12:08:35.0788 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys 2010/09/01 12:08:35.0820 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\windows\system32\DRIVERS\USBSTOR.SYS 2010/09/01 12:08:35.0851 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\DRIVERS\usbuhci.sys 2010/09/01 12:08:35.0944 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\windows\system32\Drivers\usbvideo.sys 2010/09/01 12:08:36.0085 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys 2010/09/01 12:08:36.0178 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys 2010/09/01 12:08:36.0256 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys 2010/09/01 12:08:36.0334 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys 2010/09/01 12:08:36.0412 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys 2010/09/01 12:08:36.0459 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys 2010/09/01 12:08:36.0537 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys 2010/09/01 12:08:36.0600 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys 2010/09/01 12:08:36.0678 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys 2010/09/01 12:08:36.0787 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys 2010/09/01 12:08:36.0865 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys 2010/09/01 12:08:36.0974 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys 2010/09/01 12:08:37.0036 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys 2010/09/01 12:08:37.0052 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys 2010/09/01 12:08:37.0255 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys 2010/09/01 12:08:37.0317 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys 2010/09/01 12:08:37.0489 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys 2010/09/01 12:08:37.0551 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys 2010/09/01 12:08:37.0723 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUsb.sys 2010/09/01 12:08:37.0770 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys 2010/09/01 12:08:37.0941 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys 2010/09/01 12:08:38.0066 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys 2010/09/01 12:08:38.0113 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys 2010/09/01 12:08:38.0238 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\windows\system32\DRIVERS\yk62x64.sys 2010/09/01 12:08:38.0300 ================================================================================ 2010/09/01 12:08:38.0300 Scan finished 2010/09/01 12:08:38.0300 ================================================================================ Im starting the MBAM full scan now. Will post log when finished.
  10. It says "Windows cannot find 'TDSSKiller.exe'. Make sure you typed the name correctly, and then try again." Then the same message popped up except it said 'Logit.txt'. I checked and thats what my TDSSKiller is named.. When I ran the TDSSKiller scan it said no threats were found. Does that have anything to do with it? I saved the log if you need it.
  11. I got it now. Do I run the scan for TDSSKiller first then run the fix.bat?
  12. Sorry, I thought that had something to do with what was going on. I tried to save the notepad as "fix.bat" and save type as- all files but it showed up only as "fix" and won't run. Is there something I need to do differently?
  13. c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1045\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1046\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1048\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1049\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1050\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1051\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1053\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1054\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1055\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1058\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1060\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\2052\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\2070\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\2074\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\3076\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\3082\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\restore\machineguid.txt c:\Windows\System32\restore [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\mxdwdrv.dll c:\Windows\System32\drivers\x64\mxdwdrv.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\sendtoonenote-pipelineconfig.xml c:\Windows\System32\drivers\x64\SendToOneNote-PipelineConfig.xml [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\sendtoonenote.gpd c:\Windows\System32\drivers\x64\SendToOneNote.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\sendtoonenote.ini c:\Windows\System32\drivers\x64\SendToOneNote.ini [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\sendtoonenotefilter.dll c:\Windows\System32\drivers\x64\SendToOneNoteFilter.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\sendtoonenotefilter.gpd c:\Windows\System32\drivers\x64\SendToOneNoteFilter.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\sendtoonenotenames.gpd c:\Windows\System32\drivers\x64\SendToOneNoteNames.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\sendtoonenoteui.dll c:\Windows\System32\drivers\x64\SendToOneNoteUI.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\stddtype.gdl c:\Windows\System32\drivers\x64\stddtype.gdl [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\stdnames.gpd c:\Windows\System32\drivers\x64\stdnames.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\stdschem.gdl c:\Windows\System32\drivers\x64\stdschem.gdl [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\stdschmx.gdl c:\Windows\System32\drivers\x64\stdschmx.gdl [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\unidrv.dll c:\Windows\System32\drivers\x64\unidrv.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\unidrv.hlp c:\Windows\System32\drivers\x64\unidrv.hlp [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\unidrvui.dll c:\Windows\System32\drivers\x64\unidrvui.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\unires.dll c:\Windows\System32\drivers\x64\unires.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\xpssvcs.dll c:\Windows\System32\drivers\x64\XpsSvcs.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\fxsapi.dll c:\Windows\System32\drivers\x64\3\FXSAPI.DLL [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\fxsdrv.dll c:\Windows\System32\drivers\x64\3\FXSDRV.DLL [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\fxsres.dll c:\Windows\System32\drivers\x64\3\FXSRES.DLL [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\fxstiff.dll c:\Windows\System32\drivers\x64\3\FXSTIFF.DLL [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\fxsui.dll c:\Windows\System32\drivers\x64\3\FXSUI.DLL [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\fxswzrd.dll c:\Windows\System32\drivers\x64\3\FXSWZRD.DLL [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpf3m101.gpd c:\Windows\System32\drivers\x64\3\hpf3m101.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpf3r101.dll c:\Windows\System32\drivers\x64\3\hpf3r101.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfev101.dll c:\Windows\System32\drivers\x64\3\hpfev101.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfhl101.cab c:\Windows\System32\drivers\x64\3\hpfhl101.cab [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfie101.dll c:\Windows\System32\drivers\x64\3\hpfie101.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfpr101.dll c:\Windows\System32\drivers\x64\3\hpfpr101.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfrs101.dll c:\Windows\System32\drivers\x64\3\hpfrs101.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfsc101.dtd c:\Windows\System32\drivers\x64\3\hpfsc101.dtd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfsm101.gpd c:\Windows\System32\drivers\x64\3\hpfsm101.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfst101.dll c:\Windows\System32\drivers\x64\3\hpfst101.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfui101.dll c:\Windows\System32\drivers\x64\3\hpfui101.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpfvu101.dll c:\Windows\System32\drivers\x64\3\hpfvu101.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpod1103.bud c:\Windows\System32\drivers\x64\3\hpod1103.BUD [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpod1103.dll c:\Windows\System32\drivers\x64\3\hpod1103.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpod1103.gpd c:\Windows\System32\drivers\x64\3\hpod1103.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpod1103.vdf c:\Windows\System32\drivers\x64\3\hpod1103.vdf [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpod1103.xml c:\Windows\System32\drivers\x64\3\hpod1103.xml [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\hpod110s.ini c:\Windows\System32\drivers\x64\3\hpod110s.ini [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\mxdwdrv.dll c:\Windows\System32\drivers\x64\3\mxdwdrv.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\mxdwdui.bud c:\Windows\System32\drivers\x64\3\mxdwdui.BUD [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\mxdwdui.dll c:\Windows\System32\drivers\x64\3\mxdwdui.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\mxdwdui.gpd c:\Windows\System32\drivers\x64\3\mxdwdui.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\mxdwdui.ini c:\Windows\System32\drivers\x64\3\mxdwdui.ini [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\sendtoonenote-pipelineconfig.xml c:\Windows\System32\drivers\x64\3\SendToOneNote-PipelineConfig.xml [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\sendtoonenote.bud c:\Windows\System32\drivers\x64\3\sendtoonenote.BUD [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\sendtoonenote.gpd c:\Windows\System32\drivers\x64\3\sendtoonenote.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\sendtoonenote.ini c:\Windows\System32\drivers\x64\3\SendToOneNote.ini [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\sendtoonenotefilter.dll c:\Windows\System32\drivers\x64\3\SendToOneNoteFilter.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\sendtoonenotefilter.gpd c:\Windows\System32\drivers\x64\3\SendToOneNoteFilter.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\sendtoonenotenames.gpd c:\Windows\System32\drivers\x64\3\SendToOneNoteNames.gpd [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\sendtoonenoteui.dll c:\Windows\System32\drivers\x64\3\SendToOneNoteUI.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\stddtype.gdl c:\Windows\System32\drivers\x64\3\stddtype.gdl [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\stdnames.gpd c:\Windows\System32\drivers\x64\3\STDNAMES.GPD [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\stdschem.gdl c:\Windows\System32\drivers\x64\3\stdschem.gdl [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\stdschmx.gdl c:\Windows\System32\drivers\x64\3\stdschmx.gdl [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\unidrv.dll c:\Windows\System32\drivers\x64\3\UNIDRV.DLL [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\unidrv.hlp c:\Windows\System32\drivers\x64\3\UNIDRV.HLP [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\unidrvui.dll c:\Windows\System32\drivers\x64\3\UNIDRVUI.DLL [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\unires.dll c:\Windows\System32\drivers\x64\3\UNIRES.DLL [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\3\xpssvcs.dll c:\Windows\System32\drivers\x64\3\XpsSvcs.dll [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\pcc\hpd110.inf_amd64_neutral_3a975a9f673ea3b4.cab c:\Windows\System32\drivers\x64\PCC\hpd110.inf_amd64_neutral_3a975a9f673ea3b4.cab [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\pcc\ntprint.inf_amd64_neutral_02f0bd8e459ed8b3.cab c:\Windows\System32\drivers\x64\PCC\ntprint.inf_amd64_neutral_02f0bd8e459ed8b3.cab [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\pcc\prnms001.inf_amd64_neutral_9b214cd9b78760aa.cab c:\Windows\System32\drivers\x64\PCC\prnms001.inf_amd64_neutral_9b214cd9b78760aa.cab [NOTE] The file is not visible. c:\windows\system32\spool\drivers\x64\pcc\prnms002.inf_amd64_neutral_d439051ec90eeda4.cab c:\Windows\System32\drivers\x64\PCC\prnms002.inf_amd64_neutral_d439051ec90eeda4.cab [NOTE] The file is not visible. c:\windows\system32\spool\prtprocs\x64\hpfpp101.dll c:\Windows\System32\prtprocs\x64\hpfpp101.dll [NOTE] The file is not visible. c:\windows\system32\sysprep\sysprep_succeeded.tag c:\Windows\System32\sysprep [NOTE] The file is not visible. c:\windows\system32\sysprep\panther\diagerr.xml c:\Windows\System32\sysprep [NOTE] The file is not visible. c:\windows\system32\sysprep\panther\diagwrn.xml c:\Windows\System32\sysprep [NOTE] The file is not visible. c:\windows\system32\sysprep\panther\setupact.log c:\Windows\System32\sysprep [NOTE] The file is not visible. c:\windows\system32\sysprep\panther\setuperr.log c:\Windows\System32\sysprep [NOTE] The file is not visible. c:\windows\system32\sysprep\panther\ie\diagerr.xml c:\Windows\System32\sysprep [NOTE] The file is not visible. c:\windows\system32\sysprep\panther\ie\diagwrn.xml c:\Windows\System32\sysprep [NOTE] The file is not visible. c:\windows\system32\sysprep\panther\ie\setupact.log c:\Windows\System32\sysprep [NOTE] The file is not visible. c:\windows\system32\sysprep\panther\ie\setuperr.log c:\Windows\System32\sysprep [NOTE] The file is not visible. c:\windows\system32\wbem\autorecover\14c5a2a3c41254184b007011e5565e5b.mof c:\Windows\System32\wbem\AutoRecover [NOTE] The file is not visible. c:\windows\system32\wbem\autorecover\6f8564a71977ae6b940705dcc4847a8d.mof c:\Windows\System32\wbem\AutoRecover [NOTE] The file is not visible. c:\windows\system32\wbem\autorecover\716fdc254e211f547a560e1a71d0e6ca.mof c:\Windows\System32\wbem\AutoRecover [NOTE] The file is not visible. c:\windows\system32\wbem\autorecover\d361f8b496fd6daf7beef497e09c0dc1.mof c:\Windows\System32\wbem\AutoRecover [NOTE] The file is not visible. c:\windows\system32\wbem\autorecover\e6195ba9e153534e5472835e2f29a5b0.mof c:\Windows\System32\wbem\AutoRecover [NOTE] The file is not visible. c:\windows\system32\wbem\performance\wmiaprpl.h c:\Windows\System32\wbem [NOTE] The file is not visible. c:\windows\system32\wbem\performance\wmiaprpl.ini c:\Windows\System32\wbem [NOTE] The file is not visible. c:\windows\system32\wbem\repository\index.btr c:\Windows\System32\wbem\Repository [NOTE] The file is not visible. c:\windows\system32\wbem\repository\mapping1.map c:\Windows\System32\wbem\Repository [NOTE] The file is not visible. c:\windows\system32\wbem\repository\mapping2.map c:\Windows\System32\wbem\Repository [NOTE] The file is not visible. c:\windows\system32\wbem\repository\mapping3.map c:\Windows\System32\wbem\Repository [NOTE] The file is not visible. c:\windows\system32\wbem\repository\objects.data c:\Windows\System32\wbem\Repository [NOTE] The file is not visible. c:\windows\system32\wdi\bootperformancediagnostics_systemdata.bin c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\ercqueuedresolutions.dat c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\shutdownperformancediagnostics_systemdata.bin c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\suspendperformancediagnostics_systemdata_s3.bin c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\suspendperformancediagnostics_systemdata_s4.bin c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\logfiles\bootckcl.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\logfiles\shutdownckcl.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\logfiles\wdicontextlog.etl.001 c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\logfiles\wdicontextlog.etl.002 c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\logfiles\wdicontextlog.etl.003 c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{0deb82b3-4173-4847-9447-04bf4cdf2232}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{17073dc7-d1b8-40eb-8c56-50dc79c502fd}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{290eeb09-dae2-4349-a27a-2b2b2b94880c}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{4cd9b871-14d0-4a71-8d70-4f0e43baa118}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{6f0d462a-ed68-4194-a985-d6e2b76ce0c2}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{7449ec1e-37d1-4b07-a381-996d4bcc1b2b}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{755d5bb7-d2b0-4511-984b-0306694ce6a9}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{7a730e47-7cd7-494e-9923-10a790d7bb8a}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{9006f6f8-01e9-493f-8143-fce6da1191ea}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{909116d2-a0da-46ae-8309-ea9ff344e841}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{a048ae1d-3c3b-4d0f-86ff-733d132b7449}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{aca1c6b5-6cbc-45cf-b778-59215cb92fbb}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{c8088182-f3e0-4ad9-9989-511dcb904e07}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{c9841d35-11ec-44b5-9530-45c3580596a5}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{cc0d82f8-593d-4fa7-a650-29e240e4632b}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{e3a4df88-772b-4bee-8d6d-a40f0d89e1c0}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{e4b0bc98-105e-4faa-a793-750851b2ce37}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{e642907d-8190-4462-a6c6-64ea114e8a2f}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{67144949-5132-4859-8036-a737b43825d8}\{9ead6997-4c22-4961-a5df-b87abc764882}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-114453956-2636402065-546677835-1001_userdata.bin c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-114453956-2636402065-546677835-1003_userdata.bin c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-114453956-2636402065-546677835-500_userdata.bin c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-788197960-1449434704-2311218030-500_userdata.bin c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0b63f5b8-d4ff-4056-b7ae-9956da606625}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{1f1d8353-e957-492d-b712-1b4dd6b2efe1}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{1f74a365-31c3-46a2-a544-3e0ca076aaf7}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{25fd79c8-42e4-4874-a50f-1048e33962c9}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4dd37878-c8b7-452d-9098-20125e4c72e7}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4e2dc50f-2e69-431c-864d-748f3bd5b714}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{55efeb3a-9015-49f9-b967-6b30390bf286}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{6f579149-7676-4794-8fcd-5e1a2fc16681}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7346552b-ec38-4adf-9dc2-a6ec8e716c54}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{83118595-26b3-4c7c-a2c3-b54bdcf41771}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8bf5d759-5d52-4c6e-8543-e2ae67b0226d}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{cfd4518e-1132-4dc6-9994-577c80fc8d09}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{debbde9c-025d-478d-b54a-28c1c5cce0c9}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{f6342e25-fee3-4dda-84b4-92949ea43ea9}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{07029ba1-f03f-4deb-bf95-f11cd13d3beb}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{0ec04fdb-e9a3-4305-9abd-22a3919fa8ec}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{1c685970-d91f-4944-b43a-20eb5448480e}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{2f32e314-6369-4c18-ae4f-c54b08404e13}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{5bea0927-df34-4c96-a2b9-a0e6030c2731}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{66711fe9-4643-46de-936c-a471099e86f3}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{6d340820-f111-493a-973d-c68cced8b6ae}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{7862f79f-ffca-4314-ab8b-6d050b053fe7}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{861de327-fffa-4e34-845e-bd85fe5ad017}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{90cf8a73-39c4-4762-a652-83b0c5a03fc6}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{91bea303-4d10-40c0-883e-3c0866766a1f}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{9daaea30-b6f8-4f7d-867e-3d534409e61c}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{a8f1f61e-bc6c-40cc-b775-9b0536fb1d72}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{bbb066e9-95ba-4184-81a7-d96a5516dbd8}\snapshot.etl c:\Windows\System32\wdi [NOTE] The file is not visible. c:\windows\system32\wfp\wfpdiag.etl c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\application.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\hardwareevents.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\internet explorer.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\key management service.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\media center.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-api-tracing%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-appid%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-application-experience%4problem-steps-recorder.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-application-experience%4program-compatibility-assistant.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-application-experience%4program-compatibility-troubleshooter.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-application-experience%4program-inventory.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-application-experience%4program-telemetry.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-applocker%4exe and dll.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-applocker%4msi and script.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-audio%4capturemonitor.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-audio%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-authentication user interface%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-backup.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-bits-client%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-bluetooth-mtpenum%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-codeintegrity%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-corruptedfilerecovery-client%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-corruptedfilerecovery-server%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-datetimecontrolpanel%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-devicesync%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-dhcp-client%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-dhcpnap%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-dhcpv6-client%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diagnosis-dps%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diagnosis-pcw%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diagnosis-pla%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diagnosis-scheduled%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diagnosis-scripted%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diagnosis-scripted%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diagnosis-scripteddiagnosticsprovider%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diagnostics-networking%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diagnostics-performance%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diskdiagnostic%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diskdiagnosticdatacollector%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-diskdiagnosticresolver%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-driverframeworks-usermode%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-eaphost%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-eventcollector%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-fault-tolerant-heap%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-fms%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-folder redirection%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-forwarding%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-grouppolicy%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-help%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-homegroup control panel%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-homegroup listener service%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-homegroup provider service%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-ike%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-international%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-international-regionaloptionscontrolpanel%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-iphlpsvc%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-kernel-eventtracing%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-kernel-power%4thermal-operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-kernel-storemgr%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-kernel-wdi%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-kernel-whea%4errors.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-kernel-whea%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-known folders api service.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-languagepacksetup%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-mct%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-memorydiagnostics-results%4debug.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-mui%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-mui%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-ncsi%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-networkaccessprotection%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-networkaccessprotection%4whc.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-networklocationwizard%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-networkprofile%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-nlasvc%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-ntlm%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-parentalcontrols%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-peoplenearme%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-powershell%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-printservice%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-readyboost%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-readyboostdriver%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-recovery%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-reliabilityanalysiscomponent%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-remoteapp and desktop connections%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-remoteassistance%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-remoteassistance%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-resource-exhaustion-detector%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-resource-exhaustion-resolver%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-resource-leak-diagnostic%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-restartmanager%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-security-audit-configuration-client%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-terminalservices-localsessionmanager%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-terminalservices-localsessionmanager%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-terminalservices-rdpclient%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-terminalservices-remoteconnectionmanager%4admin.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-terminalservices-remoteconnectionmanager%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-tzutil%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-uac%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-uac-filevirtualization%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-user profile service%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-vdrvroot%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-vhdmp%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-wer-diag%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-wfp%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-windows defender%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-windows defender%4whc.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-windows firewall with advanced security%4connectionsecurity.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-windows firewall with advanced security%4firewall.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-windowsbackup%4actioncenter.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-windowssystemassessmenttool%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-windowsupdateclient%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-winlogon%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-winrm%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-winsock-ws2help%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-wired-autoconfig%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-wlan-autoconfig%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-wpd-classinstaller%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-wpd-compositeclassdriver%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\microsoft-windows-wpd-mtpclassdriver%4operational.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\oalerts.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\security.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\setup.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\system.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\winevt\logs\windows powershell.evtx c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\boot c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\codeintegrity c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\drvstore c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\ias c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\microsoft c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\oem c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\smi c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\spool c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\srslabs c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\wfp c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\winbiodatabase c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\winbioplugins c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\winevt c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\boot\en-us c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\drvstore\fssfltr_39590300fcd4a02369636207ada5b49f15d02abb c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\drvstore\gearaspiwd_b60a2da9f47e0a7f3329b57aa751f1789961a8be c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\drvstore\gearaspiwd_b60a2da9f47e0a7f3329b57aa751f1789961a8be\x64 c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\microsoft\protect c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\microsoft\protect\recovery c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\microsoft\protect\s-1-5-18 c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\microsoft\protect\s-1-5-19 c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\microsoft\protect\s-1-5-20 c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\user c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\smi\manifests c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\smi\schema c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\smi\store c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\smi\store\machine c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\srslabs\{176f4e15-8f7c-4833-aded-81fae8ccd186} c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\speech\speechux\en-gb c:\Windows\System32\Speech\SpeechUX [NOTE] The directory is not visible. c:\windows\system32\winbioplugins\en-us c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\drivers\etc c:\Windows\System32\drivers [NOTE] The directory is not visible. c:\windows\system32\oobe\info c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\samsung c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\samsung\wallpapers c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1025 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1026 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1028 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1029 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1030 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1031 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1032 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1033 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1035 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1036 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1037 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1038 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1040 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1042 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1043 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1044 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1045 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1046 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1048 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1049 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1050 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1051 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1053 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1054 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1055 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1058 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\1060 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\2052 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\2070 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\2074 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\3076 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\oobe\info\default\3082 c:\Windows\System32\oobe [NOTE] The directory is not visible. c:\windows\system32\spool\drivers c:\Windows\System32\drivers [NOTE] The directory is not visible. c:\windows\system32\spool\printers c:\Windows\System32\PRINTERS [NOTE] The directory is not visible. c:\windows\system32\spool\prtprocs c:\Windows\System32\prtprocs [NOTE] The directory is not visible. c:\windows\system32\spool\servers c:\Windows\System32\SERVERS [NOTE] The directory is not visible. c:\windows\system32\spool\tools c:\Windows\System32\tools [NOTE] The directory is not visible. c:\windows\system32\spool\drivers\color c:\Windows\System32\drivers\color [NOTE] The directory is not visible. c:\windows\system32\spool\drivers\ia64 c:\Windows\System32\drivers\IA64 [NOTE] The directory is not visible. c:\windows\system32\spool\drivers\w32x86 c:\Windows\System32\drivers\W32X86 [NOTE] The directory is not visible. c:\windows\system32\spool\drivers\x64 c:\Windows\System32\drivers\x64 [NOTE] The directory is not visible. c:\windows\system32\spool\drivers\x64\3 c:\Windows\System32\drivers\x64\3 [NOTE] The directory is not visible. c:\windows\system32\spool\drivers\x64\pcc c:\Windows\System32\drivers\x64\PCC [NOTE] The directory is not visible. c:\windows\system32\spool\drivers\x64\3\en-us c:\Windows\System32\drivers\x64\3\en-US [NOTE] The directory is not visible. c:\windows\system32\spool\drivers\x64\3\mui c:\Windows\System32\drivers\x64\3\mui [NOTE] The directory is not visible. c:\windows\system32\spool\drivers\x64\3\mui\0409 c:\Windows\System32\drivers\x64\3\mui\0409 [NOTE] The directory is not visible. c:\windows\system32\spool\prtprocs\x64 c:\Windows\System32\prtprocs\x64 [NOTE] The directory is not visible. c:\windows\system32\spool\prtprocs\x64\en-us c:\Windows\System32\prtprocs\x64\en-US [NOTE] The directory is not visible. c:\windows\system32\spool\tools\microsoft xps document writer c:\Windows\System32\tools\Microsoft XPS Document Writer [NOTE] The directory is not visible. c:\windows\system32\spp\plugin-manifests-signed c:\Windows\System32\spp [NOTE] The directory is not visible. c:\windows\system32\spp\tokens\identity c:\Windows\System32\spp\tokens [NOTE] The directory is not visible. c:\windows\system32\spp\tokens\issuance c:\Windows\System32\spp\tokens [NOTE] The directory is not visible. c:\windows\system32\spp\tokens\skus c:\Windows\System32\spp\tokens [NOTE] The directory is not visible. c:\windows\system32\spp\tokens\skus\security-spp-component-sku-homepremium c:\Windows\System32\spp\tokens [NOTE] The directory is not visible. c:\windows\system32\sysprep\panther c:\Windows\System32\sysprep [NOTE] The directory is not visible. c:\windows\system32\sysprep\panther\ie c:\Windows\System32\sysprep [NOTE] The directory is not visible. c:\windows\system32\wbem\mof c:\Windows\System32\wbem [NOTE] The directory is not visible. c:\windows\system32\wbem\performance c:\Windows\System32\wbem [NOTE] The directory is not visible. c:\windows\system32\wbem\mof\bad c:\Windows\System32\wbem [NOTE] The directory is not visible. c:\windows\system32\wbem\mof\good c:\Windows\System32\wbem [NOTE] The directory is not visible. c:\windows\system32\wdi\logfiles c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{67144949-5132-4859-8036-a737b43825d8} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\perftrack\traces c:\Windows\System32\wdi\perftrack [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{0deb82b3-4173-4847-9447-04bf4cdf2232} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{17073dc7-d1b8-40eb-8c56-50dc79c502fd} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{290eeb09-dae2-4349-a27a-2b2b2b94880c} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{4cd9b871-14d0-4a71-8d70-4f0e43baa118} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{6f0d462a-ed68-4194-a985-d6e2b76ce0c2} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{7449ec1e-37d1-4b07-a381-996d4bcc1b2b} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{755d5bb7-d2b0-4511-984b-0306694ce6a9} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{7a730e47-7cd7-494e-9923-10a790d7bb8a} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{9006f6f8-01e9-493f-8143-fce6da1191ea} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{909116d2-a0da-46ae-8309-ea9ff344e841} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{a048ae1d-3c3b-4d0f-86ff-733d132b7449} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{aca1c6b5-6cbc-45cf-b778-59215cb92fbb} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{c8088182-f3e0-4ad9-9989-511dcb904e07} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{c9841d35-11ec-44b5-9530-45c3580596a5} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{cc0d82f8-593d-4fa7-a650-29e240e4632b} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{e3a4df88-772b-4bee-8d6d-a40f0d89e1c0} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{e4b0bc98-105e-4faa-a793-750851b2ce37} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{533a67eb-9fb5-473d-b884-958cf4b9c4a3}\{e642907d-8190-4462-a6c6-64ea114e8a2f} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{67144949-5132-4859-8036-a737b43825d8}\{9ead6997-4c22-4961-a5df-b87abc764882} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0b63f5b8-d4ff-4056-b7ae-9956da606625} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{1f1d8353-e957-492d-b712-1b4dd6b2efe1} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{1f74a365-31c3-46a2-a544-3e0ca076aaf7} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{25fd79c8-42e4-4874-a50f-1048e33962c9} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4dd37878-c8b7-452d-9098-20125e4c72e7} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4e2dc50f-2e69-431c-864d-748f3bd5b714} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{55efeb3a-9015-49f9-b967-6b30390bf286} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{6f579149-7676-4794-8fcd-5e1a2fc16681} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7346552b-ec38-4adf-9dc2-a6ec8e716c54} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{83118595-26b3-4c7c-a2c3-b54bdcf41771} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8bf5d759-5d52-4c6e-8543-e2ae67b0226d} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{cfd4518e-1132-4dc6-9994-577c80fc8d09} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{debbde9c-025d-478d-b54a-28c1c5cce0c9} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{f6342e25-fee3-4dda-84b4-92949ea43ea9} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{07029ba1-f03f-4deb-bf95-f11cd13d3beb} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{0ec04fdb-e9a3-4305-9abd-22a3919fa8ec} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{1c685970-d91f-4944-b43a-20eb5448480e} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{2f32e314-6369-4c18-ae4f-c54b08404e13} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{5bea0927-df34-4c96-a2b9-a0e6030c2731} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{66711fe9-4643-46de-936c-a471099e86f3} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{6d340820-f111-493a-973d-c68cced8b6ae} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{7862f79f-ffca-4314-ab8b-6d050b053fe7} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{861de327-fffa-4e34-845e-bd85fe5ad017} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{90cf8a73-39c4-4762-a652-83b0c5a03fc6} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{91bea303-4d10-40c0-883e-3c0866766a1f} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{9daaea30-b6f8-4f7d-867e-3d534409e61c} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{a8f1f61e-bc6c-40cc-b775-9b0536fb1d72} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\wdi\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}\{bbb066e9-95ba-4184-81a7-d96a5516dbd8} c:\Windows\System32\wdi [NOTE] The directory is not visible. c:\windows\system32\winevt\logs c:\Windows\System32 [NOTE] The directory is not visible. c:\windows\system32\winevt\traceformat c:\Windows\System32 [NOTE] The directory is not visible. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020D75-0000-0000-C000-000000000046}\ShellFolder\attributes [NOTE] The registry entry is invisible. c:\program files (x86)\google\google toolbar\googletoolbaruser_32.exe c:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [NOTE] The process is not visible. The scan of running processes will be started Scan process 'GoogleToolbarUser_32.exe' - '75' Module(s) have been scanned Scan process 'avscan.exe' - '87' Module(s) have been scanned Scan process 'avscan.exe' - '30' Module(s) have been scanned Scan process 'avcenter.exe' - '77' Module(s) have been scanned Scan process 'hpqgpc01.exe' - '58' Module(s) have been scanned Scan process 'hpqbam08.exe' - '30' Module(s) have been scanned Scan process 'hpqSTE08.exe' - '58' Module(s) have been scanned Scan process 'EasySpeedUpManager.exe' - '34' Module(s) have been scanned Scan process 'avgnt.exe' - '56' Module(s) have been scanned Scan process 'jusched.exe' - '27' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '75' Module(s) have been scanned Scan process 'hpwuschd2.exe' - '20' Module(s) have been scanned Scan process 'PDVD8Serv.exe' - '27' Module(s) have been scanned Scan process 'CLMLSvc.exe' - '36' Module(s) have been scanned Scan process 'ONENOTEM.EXE' - '22' Module(s) have been scanned Scan process 'hpqtra08.exe' - '91' Module(s) have been scanned Scan process 'SSCKbdHk.exe' - '29' Module(s) have been scanned Scan process 'WCScheduler.exe' - '52' Module(s) have been scanned Scan process 'dmhkcore.exe' - '55' Module(s) have been scanned Scan process 'RichVideo.exe' - '24' Module(s) have been scanned Scan process 'svchost.exe' - '46' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '41' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '35' Module(s) have been scanned Scan process 'avguard.exe' - '67' Module(s) have been scanned Scan process 'sched.exe' - '50' Module(s) have been scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan executable files (registry). The registry was scanned ( '734' files ). Starting the file scan: Begin scan in 'C:\' Begin scan in 'D:\' End of the scan: Wednesday, September 01, 2010 11:11 Used time: 44:12 Minute(s) The scan has been done completely. 21554 Scanned directories 428656 Files were scanned 0 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 0 Files were moved to quarantine 0 Files were renamed 0 Files cannot be scanned 428656 Files not concerned 1528 Archives were scanned 0 Warnings 0 Notes 724224 Objects were scanned with rootkit scan 821 Hidden objects were found
  14. I will uninstall limewire right now, I was just about to post my latest avira scan.. It showed hidden objects.. Is that bad? Avira AntiVir Personal Report file date: Wednesday, September 01, 2010 10:26 Scanning for 2768657 virus strains and unwanted programs. The program is running as an unrestricted full version. Online services are available: Licensee : Avira AntiVir Personal - FREE Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows 7 x64 Windows version : (plain) [6.1.7600] Boot mode : Normally booted Username : SYSTEM Computer name : KIMBERLY-PC Version information: BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00 AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/1/2010 18:37:38 AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 18:57:04 LUKE.DLL : 10.0.2.3 104296 Bytes 3/8/2010 00:33:04 LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49 VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 15:05:36 VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 01:27:49 VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 23:37:42 VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 22:37:42 VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 17:29:03 VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 20:13:42 VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 20:14:39 VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 20:17:36 VBASE008.VDF : 7.10.9.166 2048 Bytes 7/23/2010 20:17:37 VBASE009.VDF : 7.10.9.167 2048 Bytes 7/23/2010 20:17:38 VBASE010.VDF : 7.10.9.168 2048 Bytes 7/23/2010 20:17:38 VBASE011.VDF : 7.10.9.169 2048 Bytes 7/23/2010 20:17:38 VBASE012.VDF : 7.10.9.170 2048 Bytes 7/23/2010 20:17:38 VBASE013.VDF : 7.10.9.198 157696 Bytes 7/26/2010 20:17:47 VBASE014.VDF : 7.10.9.255 997888 Bytes 7/29/2010 20:18:36 VBASE015.VDF : 7.10.10.28 139264 Bytes 8/2/2010 20:18:44 VBASE016.VDF : 7.10.10.52 127488 Bytes 8/3/2010 20:18:50 VBASE017.VDF : 7.10.10.84 137728 Bytes 8/6/2010 20:18:54 VBASE018.VDF : 7.10.10.107 176640 Bytes 8/9/2010 20:19:00 VBASE019.VDF : 7.10.10.130 132608 Bytes 8/10/2010 20:19:11 VBASE020.VDF : 7.10.10.158 131072 Bytes 8/12/2010 20:19:16 VBASE021.VDF : 7.10.10.190 136704 Bytes 8/16/2010 20:19:22 VBASE022.VDF : 7.10.10.217 118272 Bytes 8/19/2010 20:19:26 VBASE023.VDF : 7.10.10.246 130048 Bytes 8/23/2010 20:19:30 VBASE024.VDF : 7.10.11.11 144896 Bytes 8/25/2010 20:19:38 VBASE025.VDF : 7.10.11.33 135168 Bytes 8/27/2010 20:19:42 VBASE026.VDF : 7.10.11.52 148992 Bytes 8/31/2010 20:19:54 VBASE027.VDF : 7.10.11.53 2048 Bytes 8/31/2010 20:19:54 VBASE028.VDF : 7.10.11.54 2048 Bytes 8/31/2010 20:19:54 VBASE029.VDF : 7.10.11.55 2048 Bytes 8/31/2010 20:19:54 VBASE030.VDF : 7.10.11.56 2048 Bytes 8/31/2010 20:19:55 VBASE031.VDF : 7.10.11.62 49664 Bytes 8/31/2010 20:19:58 Engineversion : 8.2.4.46 AEVDF.DLL : 8.1.2.1 106868 Bytes 8/31/2010 20:22:22 AESCRIPT.DLL : 8.1.3.44 1364346 Bytes 8/31/2010 20:22:19 AESCN.DLL : 8.1.6.1 127347 Bytes 8/31/2010 20:22:02 AESBX.DLL : 8.1.3.1 254324 Bytes 8/31/2010 20:22:25 AERDL.DLL : 8.1.8.2 614772 Bytes 8/31/2010 20:21:59 AEPACK.DLL : 8.2.3.5 471412 Bytes 8/31/2010 20:21:39 AEOFFICE.DLL : 8.1.1.8 201081 Bytes 8/31/2010 20:21:33 AEHEUR.DLL : 8.1.2.19 2867574 Bytes 8/31/2010 20:21:31 AEHELP.DLL : 8.1.13.3 242038 Bytes 8/31/2010 20:20:38 AEGEN.DLL : 8.1.3.20 397684 Bytes 8/31/2010 20:20:33 AEEMU.DLL : 8.1.2.0 393588 Bytes 8/31/2010 20:20:19 AECORE.DLL : 8.1.16.2 192887 Bytes 8/31/2010 20:20:14 AEBB.DLL : 8.1.1.0 53618 Bytes 8/31/2010 20:20:11 AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 18:03:38 AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 18:03:35 AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 22:47:40 AVREG.DLL : 10.0.3.0 53096 Bytes 4/1/2010 18:35:46 AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/1/2010 18:39:51 AVARKT.DLL : 10.0.0.14 227176 Bytes 4/1/2010 18:22:13 AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 15:53:30 SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 18:57:58 AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 21:38:56 NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 20:41:00 RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 19:10:20 RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/9/2010 20:14:29 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp Logging.............................: low Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, D:, Process scan........................: on Extended process scan...............: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: medium Start of the scan: Wednesday, September 01, 2010 10:26 Starting search for hidden objects. c:\windows\system32\7b296fb0-376b-497e-b012-9c450e1b7327-5p-0.c7483456-a289-439d-8115-601632d005a0 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\7b296fb0-376b-497e-b012-9c450e1b7327-5p-1.c7483456-a289-439d-8115-601632d005a0 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\aertac64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\aertar64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\brcoinst.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\circoinst.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\desktop.ini c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\dpinst.exe c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\fmapo64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\fntcache.dat c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\gearaspi64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpbmiapi.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpboid.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpboidps.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpbpro.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpbprops.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpf3l101.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hplbdchn.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hposc_p04a.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpost_p04a.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hposwia_p04a.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpzids40.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpzinw12.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpzipm12.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpzipt12.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\hpzisn12.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\igd10umd64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\igdumd64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\iglhxa64.cpa c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\iglhxa64.vp c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\iglhxc64.vp c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\iglhxg64.vp c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\iglhxo64.vp c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\iglhxs64.vp c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\iscsilog.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\maxxaudioapo20.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\maxxaudioeq.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\migwiz.lnk c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\mpsigstub.exe c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\mrt.exe c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nv3dappshext.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nv3dappshextr.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvapi64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvapps.xml c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvcod.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvcod193.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvcohda6.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvcoproc.bin c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvcpl.cpl c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvcpl.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvcplui.exe c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvcpluir.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvd3dumx.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvdisp.nvu c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvdisps.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvdispsr.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvgames.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvgamesr.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvhdap64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvinitx.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvmccss.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvmccssr.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvmctray.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvmobls.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvmoblsr.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvoglv64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvshext.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvsvc64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvsvcr.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvsvs.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvsvsr.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvudisp.exe c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvumdshimx.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvuninst.exe c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvvitvs.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvvitvsr.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvvsvc.exe c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvwgf2umx.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvwsapps.xml c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvwss.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\nvwssr.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\perfc009.dat c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\perfd009.dat c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\perfh009.dat c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\perfi009.dat c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rcoinst64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rp3daa64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rp3dht64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rtcom64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rteed64a.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rteeg64a.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rteel64a.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rteep64a.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rtkapi64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rtkapo64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rtkcfg64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rtlcpapi64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rtpgex64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\rtsnmg64.cpl c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\sn123490en400015.xml c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srshp64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srstsh64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srstsx64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srswow64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\streamci.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\syntpapi.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\syntpco4.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\sysfxui.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\umstartup.etl c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\umstartup000.etl c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\usbaaplrc.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\wavesguilib.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\wdfcoinstaller01009.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\wmalfxgfxdsp.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\wpdmtp.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\wpdmtpus.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\yk62x64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\codeintegrity\bootcat.cache c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\drvstore\gearaspiwd_b60a2da9f47e0a7f3329b57aa751f1789961a8be\gearaspiwdm.inf c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\drvstore\gearaspiwd_b60a2da9f47e0a7f3329b57aa751f1789961a8be\gearaspiwdmx64.cat c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\drvstore\gearaspiwd_b60a2da9f47e0a7f3329b57aa751f1789961a8be\x64\gearaspi.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\drvstore\gearaspiwd_b60a2da9f47e0a7f3329b57aa751f1789961a8be\x64\gearaspi64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\drvstore\gearaspiwd_b60a2da9f47e0a7f3329b57aa751f1789961a8be\x64\gearaspiwdm.sys c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\drvstore\fssfltr_39590300fcd4a02369636207ada5b49f15d02abb\fssfltr.inf c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\drvstore\fssfltr_39590300fcd4a02369636207ada5b49f15d02abb\fssfltr.sys c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\recovery\recovery.dat c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\recovery\recovery.dat.log1 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\recovery\recovery.dat.log2 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\recovery\recovery.dat{f67f2199-a630-11df-9f6b-002454a2f31e}.tm.blf c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\recovery\recovery.dat{f67f2199-a630-11df-9f6b-002454a2f31e}.tmcontainer00000000000000000001.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\recovery\recovery.dat{f67f2199-a630-11df-9f6b-002454a2f31e}.tmcontainer00000000000000000002.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\1037f29e-7cbf-42a2-83f6-f642a1156ce5 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\b67738a6-93b5-4060-9732-0347304ae507 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\preferred c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\user\390c6ef8-c885-4682-a259-e50b36a09762 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\user\988046e2-0c16-4831-b874-94b7036c09ba c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\user\b582613f-0ed7-4a4b-b113-a8fc4ae78b29 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\user\b7b81bd6-8e2e-48ee-909e-540a494e78ea c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\user\f22e410f-f947-4e08-8f2a-8f65df603f8d c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-18\user\preferred c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-19\8c0c8636-08cc-4cbe-b290-37e10fd1388e c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-19\97dd80c1-edb5-44ca-bba3-de32297ea9eb c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-19\preferred c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-20\71809cb6-a0e3-41db-9368-8bfbc987ee02 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\microsoft\protect\s-1-5-20\preferred c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\ndf\eventlog.etl c:\Windows\System32\NDF [NOTE] The file is not visible. c:\windows\system32\oem\seccsd-cert.xrm-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat.log c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat.log1 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat.log2 c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{01b90872-9143-11df-ae24-002454a2f31e}.tm.blf c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{01b90872-9143-11df-ae24-002454a2f31e}.tmcontainer00000000000000000001.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{01b90872-9143-11df-ae24-002454a2f31e}.tmcontainer00000000000000000002.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{34262d7d-6238-11df-8f82-00245471cf11}.tm.blf c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{34262d7d-6238-11df-8f82-00245471cf11}.tmcontainer00000000000000000001.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{34262d7d-6238-11df-8f82-00245471cf11}.tmcontainer00000000000000000002.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{726e5829-623f-11df-b3a5-00245471cf11}.tm.blf c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{726e5829-623f-11df-b3a5-00245471cf11}.tmcontainer00000000000000000001.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{726e5829-623f-11df-b3a5-00245471cf11}.tmcontainer00000000000000000002.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{846ee3d3-7039-11de-9d20-001d09fa5a1c}.tm.blf c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{846ee3d3-7039-11de-9d20-001d09fa5a1c}.tmcontainer00000000000000000001.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{846ee3d3-7039-11de-9d20-001d09fa5a1c}.tmcontainer00000000000000000002.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{92b4c080-888e-11df-9aa4-002454a2f31e}.tm.blf c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{92b4c080-888e-11df-9aa4-002454a2f31e}.tmcontainer00000000000000000001.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{92b4c080-888e-11df-9aa4-002454a2f31e}.tmcontainer00000000000000000002.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{ad9e102e-b1f1-11df-996a-002454a2f31e}.tm.blf c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{ad9e102e-b1f1-11df-996a-002454a2f31e}.tmcontainer00000000000000000001.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\smi\store\machine\schema.dat{ad9e102e-b1f1-11df-996a-002454a2f31e}.tmcontainer00000000000000000002.regtrans-ms c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srslabs\{176f4e15-8f7c-4833-aded-81fae8ccd186}\slcshp64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srslabs\{176f4e15-8f7c-4833-aded-81fae8ccd186}\slgeq64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srslabs\{176f4e15-8f7c-4833-aded-81fae8ccd186}\slh36064.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srslabs\{176f4e15-8f7c-4833-aded-81fae8ccd186}\slinit64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srslabs\{176f4e15-8f7c-4833-aded-81fae8ccd186}\sltshd64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\srslabs\{176f4e15-8f7c-4833-aded-81fae8ccd186}\sluapo64.dll c:\Windows\System32 [NOTE] The file is not visible. c:\windows\system32\wat\watadminsvc.exe c:\Windows\System32\Wat [NOTE] The file is not visible. c:\windows\system32\wat\watux.exe c:\Windows\System32\Wat [NOTE] The file is not visible. c:\windows\system32\drivers\1394bus.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\1394ohci.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\144d_samsung_n_q430_02kf.mrk c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\acpi.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\acpipmi.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\adp94xx.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\adpahci.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\adpu320.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\agp440.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\aliide.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\amdide.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\amdk8.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\amdppm.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\amdsata.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\amdsbs.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\amdxata.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\arc.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\arcsas.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\atapi.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\ataport.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\athrx.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\avgntflt.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\avipbb.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\b57nd60a.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\battc.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\blbdrive.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\brfiltlo.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\brfiltup.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\brserid.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\brserwdm.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\brusbmdm.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\brusbser.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\bthmodem.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\bxvbda.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\cdrom.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\circlass.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\cmbatt.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\cmdide.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\compbatt.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\compositebus.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\crcdisk.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\disk.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\drmk.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\drmkaud.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\elxstor.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\errdev.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\evbda.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\fdc.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\flpydisk.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\fssfltr.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\gagp30kx.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\gearaspiwdm.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hcw85cir.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hdaudbus.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hdaudio.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hidbatt.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hidbth.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hidclass.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hidir.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hidparse.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hidusb.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\hpsamd.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\i8042prt.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\iastor.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\iastorv.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\igdkmd64.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\iirsp.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\impcd.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\intelide.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\intelppm.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\ipmidrv.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\isapnp.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\kbdclass.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\kbdhid.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\lsi_fc.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\lsi_sas.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\lsi_sas2.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\lsi_scsi.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\makemarkerfile.exe c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\makemarkerfile.xml c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\mbam.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\megasas.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\megasr.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\monitor.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\mouclass.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\mouhid.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\mpio.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\msahci.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\msdsm.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\msft_kernel_sabi_01009.wdf c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\msft_kernel_syntp_01009.wdf c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\msft_user_wpdfs_01_09_00.wdf c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\msft_user_wpdmtpdr_01_09_00.wdf c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\msisadrv.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\msiscsi.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\mssmbios.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\msvcr90.dll c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\mtconfig.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\nfrd960.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\nvbridge.kmd c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\nvhda64v.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\nvlddmkm.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\nvraid.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\nvstor.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\nv_agp.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\ohci1394.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\parport.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\pci.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\pciide.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\pciidex.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\pcmcia.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\portcls.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\processr.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\ql2300.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\ql40xx.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\rdpbus.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\rt64win7.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\rtkvhd64.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sabi.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sabi3.dll c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sbp2port.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\secdrv.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\serenum.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\serial.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sermouse.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\serscan.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sffdisk.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sffp_mmc.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sffp_sd.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sfloppy.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sisraid2.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\sisraid4.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\stexstor.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\swenum.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\syntp.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\termdd.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\turbob.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\uagp35.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\uliagpkx.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\umbus.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\umpass.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbaapl64.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbccgp.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbcir.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbd.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbehci.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbhub.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbohci.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbport.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbprint.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbstor.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbuhci.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\usbvideo.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\vdrvroot.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\vgapnp.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\vhdmp.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\viaide.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\volmgr.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\volsnap.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\vsmraid.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\wacompen.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\wd.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\winusb.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\wmiacpi.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\yk62x64.sys c:\Windows\System32\drivers [NOTE] The file is not visible. c:\windows\system32\drivers\umdf\wpdfs.dll c:\Windows\System32\drivers\UMDF [NOTE] The file is not visible. c:\windows\system32\drivers\umdf\wpdmtpdr.dll c:\Windows\System32\drivers\UMDF [NOTE] The file is not visible. c:\windows\system32\drivers\etc\hosts c:\Windows\System32\drivers\HOSTS [NOTE] The file is not visible. c:\windows\system32\drivers\etc\hosts.mvp c:\Windows\System32\drivers\HOSTS.MVP [NOTE] The file is not visible. c:\windows\system32\drivers\etc\lmhosts.sam c:\Windows\System32\drivers\lmhosts.sam [NOTE] The file is not visible. c:\windows\system32\drivers\etc\networks c:\Windows\System32\drivers\networks [NOTE] The file is not visible. c:\windows\system32\drivers\etc\protocol c:\Windows\System32\drivers\protocol [NOTE] The file is not visible. c:\windows\system32\drivers\etc\services c:\Windows\System32\drivers\services [NOTE] The file is not visible. c:\windows\system32\oobe\samsung\samsung.png c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\samsung\thumbs.db c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\samsung\wallpapers\thumbs.db c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\samsung\wallpapers\wallpaper1.jpg c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\samsung\wallpapers\wallpaper2.jpg c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\samsung\wallpapers\wallpaper3.jpg c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\thumbs.db c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\wcback.png c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\wclogo.png c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\wcpic.png c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1025\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1026\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1028\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1029\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1030\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1031\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1032\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1033\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1035\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1036\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1037\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1038\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1040\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1042\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1043\oobe.xml c:\Windows\System32\oobe [NOTE] The file is not visible. c:\windows\system32\oobe\info\default\1044\oobe.xml
  15. DDS: DDS (Ver_10-03-17.01) - NTFSX64 Run by Kimberly at 8:20:48.10 on Wed 09/01/2010 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3957.2738 [GMT -5:00] ============== Running Processes =============== C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\nvvsvc.exe C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\nvvsvc.exe C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\SysWOW64\svchost.exe -k hpdevmgmt C:\windows\System32\svchost.exe -k HPZ12 C:\windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\windows\system32\conhost.exe C:\windows\system32\taskhost.exe C:\windows\system32\taskeng.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe C:\windows\system32\svchost.exe -k HPService C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\windows\system32\SearchIndexer.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\system32\DllHost.exe C:\windows\system32\DllHost.exe C:\windows\system32\DllHost.exe C:\Users\Kimberly\Desktop\dds.scr C:\windows\system32\conhost.exe C:\windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://jaguar1.usouthal.edu/ uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn mLocal Page = c:\windows\syswow64\blank.htm uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files (x86)\ask.com\GenericAskToolbar.dll BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.5126.1836\swg.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~1\office14\URLREDIR.DLL BHO: LimeWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll TB: LimeWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [updateLBPShortCut] "c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5" mRun: [CLMLServer] "c:\program files (x86)\cyberlink\power2go\CLMLSvc.exe" mRun: [updateP2GoShortCut] "c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0" mRun: [updatePDRShortCut] "c:\program files (x86)\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0" mRun: [RemoteControl8] "c:\program files (x86)\cyberlink\powerdvd8\PDVD8Serv.exe" mRun: [PDVD8LanguageShortcut] "c:\program files (x86)\cyberlink\powerdvd8\language\Language.exe" mRun: [updatePPShortCut] "c:\program files (x86)\cyberlink\powerproducer\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\powerproducer" updatewithcreateonce "software\cyberlink\powerproducer\5.0" mRun: [updatePSTShortCut] "c:\program files (x86)\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter" mRun: [uCam_Menu] "c:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0" mRun: [HP Software Update] c:\program files (x86)\hp\hp software update\HPWuSchd2.exe mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe" mRun: [avgnt] "c:\program files (x86)\avira\antivir desktop\avgnt.exe" /min StartupFolder: c:\users\kimberly\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files (x86)\microsoft office\office14\ONENOTEM.EXE StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Se&nd to OneNote - c:\progra~2\micros~1\office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files (x86)\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files (x86)\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\common files\microsoft shared\office14\MSOXMLMF.DLL BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll BHO-X64: Windows Live Family Safety Browser Helper - No File BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg64.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\progra~1\micros~2\office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe -s mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe mRun-x64: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup ============= SERVICES / DRIVERS =============== R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2010-5-17 13824] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\avira\antivir desktop\sched.exe [2010-8-31 135336] R2 AntiVirService;Avira AntiVir Guard;c:\program files (x86)\avira\antivir desktop\avguard.exe [2010-8-31 267432] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-8-31 81072] R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\drivers\TurboB.sys [2009-11-2 13784] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-5-18 158976] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-5-18 84584] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-9-28 395264] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-7-5 135664] S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-5-18 61280] S3 fsssvc;Windows Live Family Safety Service;c:\program files (x86)\windows live\family safety\fsssvc.exe [2009-8-5 704864] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt64win7.sys [2009-6-10 187392] S3 TurboBoost;TurboBoost;c:\program files\intel\turboboost\TurboBoost.exe [2009-11-2 126352] S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2010-4-19 50688] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-7 1255736] =============== Created Last 30 ================ 2010-09-01 02:06:59 118784 ----a-w- c:\windows\syswow64\MSSTDFMT.DLL 2010-09-01 02:06:58 0 d-----w- c:\program files (x86)\SpywareBlaster 2010-08-31 20:33:42 270208 ------w- c:\windows\system32\MpSigStub.exe 2010-08-31 20:12:02 0 d-----w- c:\users\kimberly\appdata\roaming\Avira 2010-08-31 20:08:29 81072 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-08-31 20:08:28 0 d-----w- c:\programdata\Avira 2010-08-31 20:08:28 0 d-----w- c:\program files (x86)\Avira 2010-08-29 22:11:01 731106 ----a-w- c:\windows\syswow64\PerfStringBackup.INI 2010-08-29 20:30:30 423656 ----a-w- c:\windows\syswow64\deployJava1.dll 2010-08-28 02:56:08 0 d-----w- c:\program files\Java 2010-08-28 02:10:02 468480 ----a-w- c:\windows\system32\deployJava1.dll 2010-08-25 17:01:11 0 ----a-w- c:\users\kimberly\defogger_reenable 2010-08-25 13:41:37 861184 ----a-w- c:\windows\system32\oleaut32.dll 2010-08-25 13:41:37 571904 ----a-w- c:\windows\syswow64\oleaut32.dll 2010-08-18 18:26:12 618540 ----a-w- c:\users\kimberly\HOSTS 2010-08-12 05:49:55 0 d-----w- c:\users\kimberly\appdata\roaming\Malwarebytes 2010-08-12 05:49:26 24664 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-12 05:49:26 0 d-----w- c:\programdata\Malwarebytes 2010-08-12 05:49:26 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2010-08-11 00:14:10 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2010-08-02 20:10:22 12867584 ----a-w- c:\windows\syswow64\shell32.dll ==================== Find3M ==================== 2010-09-01 02:32:38 1615 ----a-w- c:\users\kimberly\mvps.bat 2010-08-29 20:30:19 153376 ----a-w- c:\windows\syswow64\javaws.exe 2010-08-29 20:30:19 145184 ----a-w- c:\windows\syswow64\javaw.exe 2010-08-29 20:30:19 145184 ----a-w- c:\windows\syswow64\java.exe 2010-07-29 06:30:34 82944 ----a-w- c:\windows\syswow64\iccvid.dll 2010-07-18 21:54:10 205885 ----a-w- c:\windows\hpoins46.dat 2010-07-05 23:33:15 0 ----a-w- c:\windows\system32\drivers\144D_SAMSUNG_N_Q430_02KF.mrk 2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll 2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll 2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll 2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll 2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll 2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll 2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll 2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll 2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll 2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll 2010-06-30 06:21:44 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll 2010-06-30 06:19:16 12800 ----a-w- c:\windows\syswow64\msfeedssync.exe 2010-06-19 07:05:01 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-06-19 06:53:18 52224 ----a-w- c:\windows\system32\rtutils.dll 2010-06-19 06:33:29 3955080 ----a-w- c:\windows\syswow64\ntkrnlpa.exe 2010-06-19 06:33:29 3899784 ----a-w- c:\windows\syswow64\ntoskrnl.exe 2010-06-19 06:23:50 37376 ----a-w- c:\windows\syswow64\rtutils.dll 2010-06-19 04:32:34 3122688 ----a-w- c:\windows\system32\win32k.sys 2010-06-16 06:11:10 340992 ----a-w- c:\windows\system32\schannel.dll 2010-06-16 05:48:35 224256 ----a-w- c:\windows\syswow64\schannel.dll 2010-06-08 06:02:06 1233920 ----a-w- c:\windows\syswow64\msxml3.dll 2010-06-08 05:36:31 1877504 ----a-w- c:\windows\system32\msxml3.dll 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini 2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 8:21:19.94 =============== Attach: UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 7/5/2010 6:32:46 PM System Uptime: 9/1/2010 8:07:24 AM (0 hours ago) Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | Q430/Q530 Processor: Intel® Core i5 CPU M 450 @ 2.40GHz | CPU 1 | 2400/133mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 100 GiB total, 69.682 GiB free. D: is FIXED (NTFS) - 351 GiB total, 350.563 GiB free. E: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HL-2140 series Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: Brother Name: HL-2140 series PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP Color LaserJet CP2025dn Device ID: ROOT\MULTIFUNCTION\0002 Manufacturer: Hewlett-Packard Name: HP Color LaserJet CP2025dn PNP Device ID: ROOT\MULTIFUNCTION\0002 Service: Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: hp LaserJet 4350 Device ID: ROOT\MULTIFUNCTION\0003 Manufacturer: Hewlett-Packard Name: hp LaserJet 4350 PNP Device ID: ROOT\MULTIFUNCTION\0003 Service: Class GUID: Description: HP LaserJet 1200 Device ID: ROOT\MULTIFUNCTION\0004 Manufacturer: Name: HP LaserJet 1200 PNP Device ID: ROOT\MULTIFUNCTION\0004 Service: Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro 8000 A809 Device ID: ROOT\MULTIFUNCTION\0005 Manufacturer: HP Name: Officejet Pro 8000 A809 PNP Device ID: ROOT\MULTIFUNCTION\0005 Service: ==== System Restore Points =================== RP37: 8/25/2010 11:55:57 AM - Removed Adobe Flash Player 10 Plugin. RP39: 8/26/2010 3:59:27 PM - Windows Modules Installer RP40: 8/26/2010 4:00:39 PM - Windows Modules Installer RP41: 8/27/2010 10:41:24 AM - OTL Restore Point RP42: 8/27/2010 8:56:05 PM - Removed Java 6 Update 18 RP43: 8/27/2010 9:09:28 PM - Installed Java 6 Update 21 (64-bit) RP44: 8/27/2010 9:55:33 PM - Removed Java 6 Update 21 (64-bit) RP45: 8/27/2010 9:55:59 PM - Installed Java 6 Update 21 (64-bit) RP46: 8/27/2010 10:14:55 PM - Removed Adobe Reader 9.1. RP47: 8/29/2010 3:30:00 PM - Installed Java 6 Update 21 RP48: 8/31/2010 3:33:19 PM - Windows Update RP49: 8/31/2010 8:46:03 PM - Windows Update ==== Installed Programs ====================== Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Apple Application Support Apple Software Update Ask Toolbar AT&T Yahoo! Browser Configuration Atheros Client Installation Program Avira AntiVir Personal - Free Antivirus BatteryLifeExtender Best Buy Software Installer BufferChm ChargeableUSB Coupon Printer for Windows CyberLink DVD Suite CyberLink LabelPrint CyberLink Power2Go CyberLink PowerDirector CyberLink PowerDVD 8 CyberLink PowerProducer CyberLink YouCam D110 Definition update for Microsoft Office 2010 (KB982726) Destinations DeviceDiscovery Easy Content Share Easy Display Manager Easy Network Manager Easy SpeedUp Manager EasyBatteryManager EasyFileShare ERUNT 1.1j Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 HP Photo Creations HP Update HPAppStudio HPPhotoGadget HPProductAssistant HPSSupply Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver Java Auto Updater Java 6 Update 21 Junk Mail filter update LimeWire 5.5.10 Malwarebytes' Anti-Malware MarketResearch Marvell Miniport Driver Microsoft Choice Guard Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MultimediaPOP PS_AIO_07_D110_SW_Min QuickTime QuickTransfer Realtek High Definition Audio Driver Samsung Recovery Solution 4 Samsung Support Center Samsung Update Plus Scan SmartWebPrinting SolutionCenter SpywareBlaster 4.4 Status Toolbox TrayApp Update for Microsoft Office 2010 (KB2202188) Update for Microsoft Outlook Social Connector (KB983403) User Guide WebReg Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer ==== Event Viewer Messages From Past Week ======== 9/1/2010 8:06:09 AM, Error: Service Control Manager [7038] - The WerSvc service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The RPC server is unavailable. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 9/1/2010 8:06:08 AM, Error: Service Control Manager [7038] - The WerSvc service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The remote procedure call failed. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 8/31/2010 3:08:46 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied. 8/31/2010 2:57:16 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 8/31/2010 2:55:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 8/31/2010 2:55:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 8/31/2010 2:55:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 8/31/2010 2:55:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 8/31/2010 2:54:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache SABI spldr Wanarpv6 8/29/2010 6:13:21 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 8/29/2010 3:10:33 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/28/2010 8:29:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} 8/27/2010 1:28:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06} 8/26/2010 5:27:22 PM, Error: Service Control Manager [7031] - The McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 8/25/2010 11:25:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 8/25/2010 11:25:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 8/25/2010 11:17:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} ==== End Of File =========================== MBAM log: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4521 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 9/1/2010 8:14:28 AM mbam-log-2010-09-01 (08-14-28).txt Scan type: Quick scan Objects scanned: 148558 Time elapsed: 3 minute(s), 25 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  16. I meant to type Java not Jave, and the names are jre-6u21-windows-i586-s and jre-6u21-windows-x64. No, I was not surfing the web, I've only been getting on this website and ones you direct me towards since you've been helping me. It did pop up in a seperate window, and I am using Internet Explorer.
  17. I am also still getting pop ups randomly- this is the one I just got - http://wordslife.com/ads.php There are different ones that show up. I made sure my popup blocker is on. What should I do?
  18. Also, there are a number of programs installed on my desktop that I'm not sure what to do with- SecurityCheck, NTREGOPT, MCPR, avira_antivir_personal_em (There is also an Avira Control Center so I'm not sure if I need to keep both?) There is also an mbam-setup in addition to the Malwarebyte's Anti-Malware program. And do I need to keep both Jave (64-bit and 32-bit) on the desktop? If not, how do I take it off without deleting/uninstalling it? Do I install the programs you recommended on my desktop or somewhere else? If so, where do I save them? I use LimeWire, is it safe to use? How do I make backups of my system? That's all for now, thanks!
  19. Thank you soo much for all your help! I have one more question for the time being, I might have more as I move through these steps... I show that I have 3 Adobe programs- Adobe Air, Adobe Flash Player 10 Active X and Plugin... Do I uninstall all of these?
  20. I downloaded Avira, updated it, and ran a scan. I attached the log from the scan below: Avira AntiVir Personal Report file date: Tuesday, August 31, 2010 15:23 Scanning for 2768657 virus strains and unwanted programs. The program is running as an unrestricted full version. Online services are available: Licensee : Avira AntiVir Personal - FREE Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows 7 x64 Windows version : (plain) [6.1.7600] Boot mode : Normally booted Username : SYSTEM Computer name : KIMBERLY-PC Version information: BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00 AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/1/2010 18:37:38 AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 18:57:04 LUKE.DLL : 10.0.2.3 104296 Bytes 3/8/2010 00:33:04 LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49 VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 15:05:36 VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 01:27:49 VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 23:37:42 VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 22:37:42 VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 17:29:03 VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 20:13:42 VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 20:14:39 VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 20:17:36 VBASE008.VDF : 7.10.9.166 2048 Bytes 7/23/2010 20:17:37 VBASE009.VDF : 7.10.9.167 2048 Bytes 7/23/2010 20:17:38 VBASE010.VDF : 7.10.9.168 2048 Bytes 7/23/2010 20:17:38 VBASE011.VDF : 7.10.9.169 2048 Bytes 7/23/2010 20:17:38 VBASE012.VDF : 7.10.9.170 2048 Bytes 7/23/2010 20:17:38 VBASE013.VDF : 7.10.9.198 157696 Bytes 7/26/2010 20:17:47 VBASE014.VDF : 7.10.9.255 997888 Bytes 7/29/2010 20:18:36 VBASE015.VDF : 7.10.10.28 139264 Bytes 8/2/2010 20:18:44 VBASE016.VDF : 7.10.10.52 127488 Bytes 8/3/2010 20:18:50 VBASE017.VDF : 7.10.10.84 137728 Bytes 8/6/2010 20:18:54 VBASE018.VDF : 7.10.10.107 176640 Bytes 8/9/2010 20:19:00 VBASE019.VDF : 7.10.10.130 132608 Bytes 8/10/2010 20:19:11 VBASE020.VDF : 7.10.10.158 131072 Bytes 8/12/2010 20:19:16 VBASE021.VDF : 7.10.10.190 136704 Bytes 8/16/2010 20:19:22 VBASE022.VDF : 7.10.10.217 118272 Bytes 8/19/2010 20:19:26 VBASE023.VDF : 7.10.10.246 130048 Bytes 8/23/2010 20:19:30 VBASE024.VDF : 7.10.11.11 144896 Bytes 8/25/2010 20:19:38 VBASE025.VDF : 7.10.11.33 135168 Bytes 8/27/2010 20:19:42 VBASE026.VDF : 7.10.11.52 148992 Bytes 8/31/2010 20:19:54 VBASE027.VDF : 7.10.11.53 2048 Bytes 8/31/2010 20:19:54 VBASE028.VDF : 7.10.11.54 2048 Bytes 8/31/2010 20:19:54 VBASE029.VDF : 7.10.11.55 2048 Bytes 8/31/2010 20:19:54 VBASE030.VDF : 7.10.11.56 2048 Bytes 8/31/2010 20:19:55 VBASE031.VDF : 7.10.11.62 49664 Bytes 8/31/2010 20:19:58 Engineversion : 8.2.4.46 AEVDF.DLL : 8.1.2.1 106868 Bytes 8/31/2010 20:22:22 AESCRIPT.DLL : 8.1.3.44 1364346 Bytes 8/31/2010 20:22:19 AESCN.DLL : 8.1.6.1 127347 Bytes 8/31/2010 20:22:02 AESBX.DLL : 8.1.3.1 254324 Bytes 8/31/2010 20:22:25 AERDL.DLL : 8.1.8.2 614772 Bytes 8/31/2010 20:21:59 AEPACK.DLL : 8.2.3.5 471412 Bytes 8/31/2010 20:21:39 AEOFFICE.DLL : 8.1.1.8 201081 Bytes 8/31/2010 20:21:33 AEHEUR.DLL : 8.1.2.19 2867574 Bytes 8/31/2010 20:21:31 AEHELP.DLL : 8.1.13.3 242038 Bytes 8/31/2010 20:20:38 AEGEN.DLL : 8.1.3.20 397684 Bytes 8/31/2010 20:20:33 AEEMU.DLL : 8.1.2.0 393588 Bytes 8/31/2010 20:20:19 AECORE.DLL : 8.1.16.2 192887 Bytes 8/31/2010 20:20:14 AEBB.DLL : 8.1.1.0 53618 Bytes 8/31/2010 20:20:11 AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 18:03:38 AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 18:03:35 AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 22:47:40 AVREG.DLL : 10.0.3.0 53096 Bytes 4/1/2010 18:35:46 AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/1/2010 18:39:51 AVARKT.DLL : 10.0.0.14 227176 Bytes 4/1/2010 18:22:13 AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 15:53:30 SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 18:57:58 AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 21:38:56 NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 20:41:00 RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 19:10:20 RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/9/2010 20:14:29 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp Logging.............................: low Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, D:, Process scan........................: on Extended process scan...............: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: medium Start of the scan: Tuesday, August 31, 2010 15:23 Starting search for hidden objects. HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020D75-0000-0000-C000-000000000046}\ShellFolder\attributes [NOTE] The registry entry is invisible. The scan of running processes will be started Scan process 'avscan.exe' - '87' Module(s) have been scanned Scan process 'avscan.exe' - '30' Module(s) have been scanned Scan process 'avcenter.exe' - '77' Module(s) have been scanned Scan process 'hpqgpc01.exe' - '56' Module(s) have been scanned Scan process 'avgnt.exe' - '57' Module(s) have been scanned Scan process 'jusched.exe' - '27' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '75' Module(s) have been scanned Scan process 'hpqbam08.exe' - '30' Module(s) have been scanned Scan process 'hpqSTE08.exe' - '58' Module(s) have been scanned Scan process 'hpwuschd2.exe' - '20' Module(s) have been scanned Scan process 'EasySpeedUpManager.exe' - '34' Module(s) have been scanned Scan process 'PDVD8Serv.exe' - '27' Module(s) have been scanned Scan process 'CLMLSvc.exe' - '36' Module(s) have been scanned Scan process 'ONENOTEM.EXE' - '22' Module(s) have been scanned Scan process 'hpqtra08.exe' - '70' Module(s) have been scanned Scan process 'SSCKbdHk.exe' - '29' Module(s) have been scanned Scan process 'WCScheduler.exe' - '50' Module(s) have been scanned Scan process 'dmhkcore.exe' - '55' Module(s) have been scanned Scan process 'RichVideo.exe' - '24' Module(s) have been scanned Scan process 'svchost.exe' - '46' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '41' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '35' Module(s) have been scanned Scan process 'avguard.exe' - '67' Module(s) have been scanned Scan process 'sched.exe' - '50' Module(s) have been scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan executable files (registry). The registry was scanned ( '730' files ). Starting the file scan: Begin scan in 'C:\' Begin scan in 'D:\' End of the scan: Tuesday, August 31, 2010 16:00 Used time: 36:33 Minute(s) The scan has been done completely. 21029 Scanned directories 425811 Files were scanned 0 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 0 Files were moved to quarantine 0 Files were renamed 0 Files cannot be scanned 425811 Files not concerned 1529 Archives were scanned 0 Warnings 0 Notes 687393 Objects were scanned with rootkit scan 1 Hidden objects were found
  21. I am installing Avira on my computer right now, and it says "Windows Defender is currently enabled on your system. This can lead to compatibility problems. We therefore recommend that you turn off Windows Defender." Should I do that?
  22. Got it to work in safe mode. -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0: scan report Sunday, August 29, 2010 Operating system: Microsoft (build 7600) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Sunday, August 29, 2010 18:44:42 Records in database: 4167612 -------------------------------------------------------------------------------- Scan settings: scan using the following database: extended Scan archives: yes Scan e-mail databases: yes Scan area - My Computer: C:\ D:\ E:\ Scan statistics: Objects scanned: 110939 Threats found: 0 Infected objects found: 0 Suspicious objects found: 0 Scan duration: 01:27:12 No threats found. Scanned area is clean. Selected area has been scanned.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.