I've had problems with multiple pop-ups and virus-like symptoms over the past month. I have tried to restore Windows to an earlier date, but I still feel something is not quite right.

I ran Malwarebytes; it found 5 detections. I cleaned them, restarted, ran it again, and there were no detections. Please let me know if you see anything else that may crop back up.

Thanks!

Attach.txt

DDS.txt


Welcome to the forum.

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

-------------

Next..........

Please download and run RogueKiller.

Choose 1 to scan the system

Post back the report.

-------------------------

Last.......

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

The scan will take about 10 minutes...depends on your hard drive size.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTL.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC


Farbar Service Scanner Version: 18-01-2012 01

Ran by Owner (administrator) on 22-01-2012 at 15:59:35

Microsoft Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

SDRSVC Service is not running. Checking service configuration:

The start type of SDRSVC service is OK.

The ImagePath of SDRSVC service is OK.

The ServiceDll of SDRSVC service is OK.

System Restore Disabled Policy:

========================

Security Center:

============

Windows Update:

===========

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

RogueKiller V6.2.4 [01/12/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Owner [Admin rights]

Mode: Scan -- Date : 01/22/2012 16:02:10

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++

--- User ---

[MBR] ccebbf342fa3a1504dce44c271e91838

[bSP] b5a532384acf7ca94ca2c1850921e2da : Windows Vista/7 MBR Code

Partition table:

0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo

1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 299751 Mo

2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 585861120 | Size: 20002 Mo

3 - [XXXXXX] FAT32 [VISIBLE] Offset (sectors): 624928768 | Size: 108 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

OTL logfile created on: 1/22/2012 4:05:11 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 57.85% Memory free

7.49 Gb Paging File | 5.49 Gb Available in Paging File | 73.27% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 279.17 Gb Total Space | 231.24 Gb Free Space | 82.83% Space Free | Partition Type: NTFS

Drive D: | 18.63 Gb Total Space | 2.70 Gb Free Space | 14.50% Space Free | Partition Type: NTFS

Drive F: | 99.34 Mb Total Space | 89.20 Mb Free Space | 89.79% Space Free | Partition Type: FAT32

Computer Name: OWNER-HP | User Name: Owner | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --

PRC - [2012/01/22 16:04:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe

PRC - [2011/12/17 00:08:59 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2011/12/05 14:17:44 | 024,242,056 | ---- | M] (Dropbox, Inc.) -- C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe

PRC - [2011/05/11 07:22:10 | 022,631,608 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe

PRC - [2011/04/22 07:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

PRC - [2011/04/22 07:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

PRC - [2011/04/19 01:44:40 | 001,706,040 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi.exe

PRC - [2011/04/19 01:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe

PRC - [2011/04/19 01:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

PRC - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

PRC - [2011/03/21 13:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/11/09 17:16:22 | 000,154,816 | ---- | M] (Zecter Inc.) -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe

PRC - [2010/11/09 14:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

PRC - [2010/11/09 14:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

PRC - [2010/09/29 01:55:32 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

PRC - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010/09/11 03:02:22 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

PRC - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

========== Modules (No Company Name) ==========

MOD - [2012/01/20 23:59:46 | 000,379,904 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\libsqlitejdbc-3761613361462362228.lib

MOD - [2012/01/20 23:59:33 | 000,199,168 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\WindowsAPI.dll8883638562231704896.lib

MOD - [2012/01/20 23:29:58 | 000,397,824 | ---- | M] () -- C:\Program Files (x86)\Secunia\PSI\psires.dll

MOD - [2012/01/20 23:04:50 | 006,276,768 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

MOD - [2011/12/17 00:08:59 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

MOD - [2011/03/21 13:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011/03/21 13:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2011/04/27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2010/09/30 01:49:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010/08/05 21:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)

SRV:64bit: - [2010/07/21 16:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)

SRV:64bit: - [2010/06/24 17:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)

SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)

SRV - [2011/04/22 07:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2011/04/19 01:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)

SRV - [2011/04/19 01:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)

SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)

SRV - [2010/11/09 14:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)

SRV - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010/09/11 03:02:22 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)

SRV - [2010/06/18 20:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/04/27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 04:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 02:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 00:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010/09/30 03:51:14 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/09/30 01:13:38 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/09/29 01:55:54 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)

DRV:64bit: - [2010/09/14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010/09/14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010/09/14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010/09/14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010/09/13 13:00:08 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/09/02 00:52:50 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2010/09/01 03:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)

DRV:64bit: - [2010/06/17 08:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)

DRV:64bit: - [2010/05/14 21:04:16 | 000,073,856 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)

DRV:64bit: - [2010/05/14 21:04:16 | 000,028,800 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)

DRV:64bit: - [2010/05/07 14:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2010/05/06 08:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/04/29 08:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)

DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®

DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2801566047-643987979-85891851-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

IE - HKU\S-1-5-21-2801566047-643987979-85891851-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKU\S-1-5-21-2801566047-643987979-85891851-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@photoproduct.rocketlife.com/RocketLife App Viewer;version=0.8: File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/20 23:45:05 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/20 23:28:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/20 23:58:34 | 000,000,000 | ---D | M]

[2011/08/20 14:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions

[2011/08/20 14:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

[2012/01/11 18:28:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\bc0xqit7.default\extensions

[2012/01/20 23:53:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2012/01/20 23:45:16 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2012/01/20 23:53:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2012/01/20 23:45:16 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak

() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BC0XQIT7.DEFAULT\EXTENSIONS\{7F57CF46-4467-4C2D-ADFA-0CBA7C507E54}.XPI

() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BC0XQIT7.DEFAULT\EXTENSIONS\{E968FC70-8F95-4AB9-9E79-304DE2A71EE1}.XPI

[2011/12/17 00:09:01 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/01/20 23:53:32 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011/12/16 20:38:42 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml

[2011/12/24 17:09:19 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

[2011/12/16 20:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011/12/16 20:38:42 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml

[2011/12/16 20:38:42 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml

[2011/12/16 20:38:42 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.

O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()

O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [ZumoDrive] C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk ()

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2801566047-643987979-85891851-1000..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)

O4 - HKU\S-1-5-21-2801566047-643987979-85891851-1000..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

O4 - HKU\S-1-5-21-2801566047-643987979-85891851-1000..\Run: [ZumoDrive] C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk ()

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\S-1-5-21-2801566047-643987979-85891851-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8D765335-68A9-47DB-9819-6D4F1ADF69C9}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/22 16:02:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\RK_Quarantine

[2012/01/20 23:54:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2012/01/20 23:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

[2012/01/20 23:19:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Visan

[2012/01/20 23:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan

[2012/01/20 23:09:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2012/01/20 21:03:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes

[2012/01/20 21:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/01/20 21:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012/01/20 21:03:31 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012/01/20 21:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011/12/28 18:36:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{517DD7FF-20E6-4A05-92CB-E262549D8467}

[2011/12/24 17:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search

[2011/12/24 17:09:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search

[2011/12/24 17:09:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search

[2011/12/24 17:09:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files

[2011/12/24 17:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012

[2011/12/24 17:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG

[2011/12/24 16:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/22 16:07:00 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job

[2012/01/22 15:59:28 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job

[2012/01/22 15:59:15 | 000,730,706 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/01/22 15:59:15 | 000,626,964 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/01/22 15:59:15 | 000,107,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/01/22 15:57:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/01/21 00:14:38 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/01/21 00:14:38 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/01/20 23:58:35 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys

[2012/01/20 23:54:36 | 001,049,314 | ---- | M] () -- C:\Windows\SysNative\oem14.inf

[2012/01/20 23:28:20 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/01/20 23:09:17 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2012/01/20 22:21:07 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOWNER-HP$.job

[2012/01/05 20:08:33 | 000,005,632 | ---- | M] () -- C:\Users\Owner\Desktop\Report.csv

[2011/12/24 16:12:48 | 000,285,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/12/24 15:59:17 | 000,008,656 | -HS- | M] () -- C:\Users\Owner\AppData\Local\230276g6x323v423g161f3avq0c1

[2011/12/24 15:59:17 | 000,008,656 | -HS- | M] () -- C:\ProgramData\230276g6x323v423g161f3avq0c1

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/20 23:28:20 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/01/20 23:19:07 | 000,000,324 | ---- | C] () -- C:\Windows\tasks\HP Photo Creations Communicator.job

[2012/01/20 23:09:17 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk

[2012/01/20 23:09:17 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2012/01/05 20:08:33 | 000,005,632 | ---- | C] () -- C:\Users\Owner\Desktop\Report.csv

[2011/12/24 15:45:00 | 000,008,656 | -HS- | C] () -- C:\Users\Owner\AppData\Local\230276g6x323v423g161f3avq0c1

[2011/12/24 15:45:00 | 000,008,656 | -HS- | C] () -- C:\ProgramData\230276g6x323v423g161f3avq0c1

[2011/06/29 18:23:35 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat

[2011/05/14 10:51:43 | 000,747,002 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/04/06 03:43:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2011/04/06 03:35:57 | 000,000,268 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini

[2011/04/06 03:35:57 | 000,000,209 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

[2010/10/20 01:44:40 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini

[2010/09/21 12:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

[2010/06/15 21:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 16:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin

[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2012/01/20 23:59:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dropbox

[2012/01/20 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MechCAD

[2011/05/14 10:21:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details

[2012/01/20 23:46:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PictureMover

[2012/01/20 23:46:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SoftGrid Client

[2012/01/20 23:46:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\StreamTorrent

[2012/01/20 23:46:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TomTom

[2011/05/14 10:52:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TP

[2012/01/20 23:19:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Visan

[2011/06/28 20:27:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Windows Live Writer

[2012/01/20 23:59:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ZumoDrive

[2009/07/14 00:08:49 | 000,010,386 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 1/22/2012 4:05:11 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 57.85% Memory free

7.49 Gb Paging File | 5.49 Gb Available in Paging File | 73.27% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 279.17 Gb Total Space | 231.24 Gb Free Space | 82.83% Space Free | Partition Type: NTFS

Drive D: | 18.63 Gb Total Space | 2.70 Gb Free Space | 14.50% Space Free | Partition Type: NTFS

Drive F: | 99.34 Mb Total Space | 89.20 Mb Free Space | 89.79% Space Free | Partition Type: FAT32

Computer Name: OWNER-HP | User Name: Owner | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2801566047-643987979-85891851-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware

"{091A0130-A82F-4A6D-9C61-3BBBB3289030}" = RtVOsd

"{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}" = HP Wireless Assistant

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services

"{28FA742C-DC52-9804-7116-E198E0AEFAE4}" = ATI Catalyst Install Manager

"{2D7B64F7-E9A3-C49B-9CEA-C4FE05F887E9}" = ccc-utility64

"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft Security Client" = Microsoft Security Essentials

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{078BE4C5-D0AA-5AD1-6195-D4E9FB7CA8F7}" = CCC Help Greek

"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player

"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{19D87B80-626A-B57F-37F2-30329A5FA056}" = CCC Help Korean

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{21C887C2-008E-0610-96F8-74AB3AF22784}" = CCC Help Chinese Standard

"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover

"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java 6 Update 29

"{274AE2D3-08C1-4F5C-9A56-C675345D6DE2}" = HP Documentation

"{28639B03-FEF0-06B0-72AE-4DC2F5FE7197}" = Catalyst Control Center Graphics Previews Common

"{2A435018-6957-76A6-36A6-FB34F4EF5F6D}" = CCC Help Turkish

"{330A754C-2B53-0C5F-057F-283EC9D01D5A}" = CCC Help Japanese

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7

"{3EB4E1B3-5C51-D460-D305-9077DA4711B7}" = CCC Help French

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager

"{489A887E-1F33-2DB8-B856-291B6729D832}" = CCC Help Dutch

"{491ADA37-04EE-2ECE-9F86-DDC0106047AC}" = Times Reader

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{4F649712-FA36-502C-B26B-88A9D091E1DF}" = CCC Help Finnish

"{504CC891-B140-4E1B-860B-5E4C1DFBA9E3}" = Blio

"{52DE3AF0-1C26-4258-9A04-9AEBF3E145F7}" = Catalyst Control Center - Branding

"{53469506-A37E-4314-A9D9-38724EC23A75}" = HP Setup

"{5535B1B7-AB06-2922-C3F6-DEDA4E823903}" = CCC Help Italian

"{5A19A119-86B6-FD94-7479-7A4AED4F2D82}" = Catalyst Control Center Graphics Previews Vista

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5F479D0A-ABB5-DE85-2C6A-92566C7FB813}" = CCC Help Polish

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6863508E-00B6-34DF-31FA-DD8D57E8CEE0}" = CCC Help Thai

"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack

"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7A0AAE7D-BEED-DD34-58EA-304DAC2EF7B6}" = CCC Help Norwegian

"{7B939E98-D099-5172-FF4C-673B96ED3D13}" = CCC Help Portuguese

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow

"{8337F301-A848-71AC-4699-51B5153085EE}" = CCC Help German

"{84160DF4-D1B0-428F-EFE7-4CA2E14B5CD2}" = Catalyst Control Center Localization All

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7

"{89EBB60F-5F24-2153-AEF2-F7E33B2DD8DB}" = CCC Help Russian

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8EFD09A6-E374-8519-68A9-A3F7383C29AA}" = CCC Help Hungarian

"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules

"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore

"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{97174E88-52F9-445A-A28E-704A45332D19}" = HP Software Framework

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A2C23ED8-6C37-F32D-3108-3E91BEDEDCA8}" = CCC Help Swedish

"{A47B6CB9-E31C-B471-75FF-F42236292750}" = CCC Help Spanish

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0

"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager

"{AF306BD8-F9D1-4627-89B9-246E59074A05}" = HP Power Manager

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars

"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{CE081CB8-1970-88F1-A4D8-FC435D2E86C1}" = ccc-core-static

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3

"{D9DB57B7-7C15-596C-6D5B-4CF06CF98E41}" = CCC Help English

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E599494B-C668-E1C7-09A4-76A33BDC03F6}" = CCC Help Czech

"{E68A38AA-A1B2-114E-19FA-F07D54683077}" = Catalyst Control Center InstallProxy

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F12B4E57-D702-E193-E8AF-C93EDB8DF63E}" = CCC Help Chinese Traditional

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE0E7A1C-68C3-99E1-A5DD-0749CFAB7AB9}" = CCC Help Danish

"AceMoney Lite_is1" = AceMoney Lite

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader

"DivX Setup.divx.com" = DivX Setup

"HP Photo Creations" = HP Photo Creations

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow

"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800

"Mozilla Firefox 9.0 (x86 en-GB)" = Mozilla Firefox 9.0 (x86 en-GB)

"My HP Game Console" = HP Game Console

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"Secunia PSI" = Secunia PSI (2.0.0.3003)

"TomTom HOME" = TomTom HOME 2.8.2.2264

"WildTangent hp Master Uninstall" = HP Games

"WinLiveSuite" = Windows Live Essentials

"WT087328" = Blackhawk Striker 2

"WT087330" = Bounce Symphony

"WT087335" = Build-a-lot 2

"WT087343" = Dora's World Adventure

"WT087360" = Escape Rosecliff Island

"WT087361" = FATE

"WT087362" = Final Drive Nitro

"WT087372" = Heroes of Hellas 2 - Olympia

"WT087379" = Jewel Quest Solitaire 2

"WT087394" = Penguins!

"WT087395" = Poker Superstars III

"WT087396" = Polar Bowler

"WT087397" = Polar Golfer

"WT087414" = Virtual Families

"WT087415" = Wheel of Fortune 2

"WT087428" = Bejeweled 2 Deluxe

"WT087453" = Chuzzle Deluxe

"WT087501" = Plants vs. Zombies

"WT087533" = Zuma Deluxe

"WT087536" = Diner Dash 2 Restaurant Rescue

"WT089299" = Mystery P.I. - The London Caper

"WT089307" = Virtual Villagers 4 - The Tree of Life

"WT089308" = Blasterball 3

"WT089328" = Farm Frenzy

"WT089359" = Cake Mania

"WT089362" = Agatha Christie - Peril at End House

"ZumoDrive" = HP CloudDrive

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2801566047-643987979-85891851-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


At some point, please update your Java:

Java™ 6 Update 29 <----- should be 30

Go to your control panel > Java > update

-------------------------------------------------------------------

Please do this:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    [2011/12/24 15:59:17 | 000,008,656 | -HS- | M] () -- C:\Users\Owner\AppData\Local\230276g6x323v423g161f3avq0c1
    [2011/12/24 15:59:17 | 000,008,656 | -HS- | M] () -- C:\ProgramData\230276g6x323v423g161f3avq0c1
    :Commands
    [emptytemp]


  • Then click the Run Fix button at the top
  • Let the program run unhindered; when done, it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply. Note: If a file or folder cannot be moved immediately, you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine, choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, enter *.log in the File Name box and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, open the newest .log file present, and copy/paste the contents of that document back here in your next post.

MrC


All processes killed

========== OTL ==========

64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\MRI_DISABLED\ deleted successfully.

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

C:\Users\Owner\AppData\Local\230276g6x323v423g161f3avq0c1 moved successfully.

C:\ProgramData\230276g6x323v423g161f3avq0c1 moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 56468 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Owner

->Temp folder emptied: 492044456 bytes

->Temporary Internet Files folder emptied: 165256188 bytes

->Java cache emptied: 92272 bytes

->FireFox cache emptied: 193576976 bytes

->Flash cache emptied: 62417 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 3986744 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 113828877 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50467 bytes

%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes

RecycleBin emptied: 1249113357 bytes

Total Files Cleaned = 2,115.00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01232012_200553

Files\Folders moved on Reboot...

C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


Not much showing so far.

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

http://www.eset.eu/online-scanner

Tick the box next to YES, I accept the Terms of Use.

Click Start

When asked, allow the ActiveX control to install

Click Start

Make sure that the option Remove found threats and the option Scan unwanted applications are unchecked

Click Scan

Wait for the scan to finish

Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt

Copy and paste that log as a reply to this topic

MrC


Everything appears to be fine and this log seems ok from what I can tell. Thanks for helping! Hope I'm in the clear.

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=9e4063a7e4a184469152bf8286433286

# end=finished

# remove_checked=false

# archives_checked=false

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-01-24 11:47:13

# local_time=2012-01-24 06:47:13 (-0500, Eastern Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776574 100 94 0 78914378 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=154512

# found=0

# cleaned=0

# scan_time=77926


Just run one last program:

Please download and run TDSSKiller as outlined in the post below:

http://forums.malwar...howtopic=104821

If a suspicious object is detected, the default action will be Skip; click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Post back the log.

MrC


19:14:06.0564 5648 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27

19:14:06.0912 5648 ============================================================

19:14:06.0912 5648 Current date / time: 2012/01/25 19:14:06.0912

19:14:06.0912 5648 SystemInfo:

19:14:06.0912 5648

19:14:06.0912 5648 OS Version: 6.1.7601 ServicePack: 1.0

19:14:06.0912 5648 Product type: Workstation

19:14:06.0912 5648 ComputerName: OWNER-HP

19:14:06.0912 5648 UserName: Owner

19:14:06.0912 5648 Windows directory: C:\Windows

19:14:06.0912 5648 System windows directory: C:\Windows

19:14:06.0912 5648 Running under WOW64

19:14:06.0912 5648 Processor architecture: Intel x64

19:14:06.0913 5648 Number of processors: 2

19:14:06.0913 5648 Page size: 0x1000

19:14:06.0913 5648 Boot type: Normal boot

19:14:06.0913 5648 ============================================================

19:14:08.0589 5648 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:14:08.0692 5648 Initialize success

19:14:33.0053 5248 ============================================================

19:14:33.0053 5248 Scan started

19:14:33.0053 5248 Mode: Manual; SigCheck; TDLFS;

19:14:33.0053 5248 ============================================================


19:15:25.0800 5248 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

19:15:25.0924 5248 WUDFRd - ok

19:15:26.0062 5248 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

19:15:26.0137 5248 yukonw7 - ok

19:15:26.0194 5248 MBR (0x1B8) (885ee7aa22fa5cca6a43e524d8a406b5) \Device\Harddisk0\DR0

19:15:27.0004 5248 \Device\Harddisk0\DR0 - ok

19:15:27.0025 5248 Boot (0x1200) (514a52b68c07128375cdbd173bc1584b) \Device\Harddisk0\DR0\Partition0

19:15:27.0027 5248 \Device\Harddisk0\DR0\Partition0 - ok

19:15:27.0040 5248 Boot (0x1200) (e8b7f883b507d11e05d72754737e3de1) \Device\Harddisk0\DR0\Partition1

19:15:27.0041 5248 \Device\Harddisk0\DR0\Partition1 - ok

19:15:27.0073 5248 Boot (0x1200) (6d7e67336c5a8d0e8f98f80ca4561aba) \Device\Harddisk0\DR0\Partition2

19:15:27.0074 5248 \Device\Harddisk0\DR0\Partition2 - ok

19:15:27.0097 5248 Boot (0x1200) (15854dd6d1dcd63f2c9a44b3eb5f74d5) \Device\Harddisk0\DR0\Partition3

19:15:27.0098 5248 \Device\Harddisk0\DR0\Partition3 - ok

19:15:27.0100 5248 ============================================================

19:15:27.0101 5248 Scan finished

19:15:27.0101 5248 ============================================================

19:15:27.0114 4876 Detected object count: 0

19:15:27.0114 4876 Actual detected object count: 0

19:15:55.0841 3352 Deinitialize success
