Jump to content

IE Redirect Virus


Recommended Posts

Hi, my computer has a redirect virus/rootkit. McAfee claimed it rid the computer of a rootkit recently, but the effects still remain. Before contacting you, I ran: Sophos (uninstalled), Spyware S&D (still on computer), Malwarebytes (still on computer), McAfee (still on computer), TDSS Killer (still on computer), Microsoft Malware Removal Tool, and the Backdoor.Tidserve removal tool (uninstalled). None of the tools listed above found anything, excepting TDSS killer, which found a few registry keys for which the digital signature didn't match up (no action performed). The redirect virus only seems to affect Internet Explorer, and only my user. I used most of the tools last week, so they may be out of date by now. I also tried resetting IE settings to the default, but to no avail. Here are the DDS & Attach logs:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by Jacob at 13:55:54 on 2012-06-11

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5758 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Spybot - Search and Destroy *Enabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe

C:\Windows\system32\mfevtps.exe

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\Service\JavaSrvc.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\rundll32.exe

C:\Windows\system32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Users\Jacob\Downloads\CoreTemp64\Core Temp.exe

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

C:\Program Files (x86)\Windows Sidebar\sidebar.exe

C:\Windows\System32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

c:\PROGRA~2\mcafee\SITEAD~1\saui.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Users\Jacob\Documents\Schoolwork\GameMaker\Projects\Finished EXEs\Digital Timer.exe

C:\Program Files (x86)\Rosetta Stone\RS2.1.5.1Asms\Rosetta Stone.exe

C:\Users\Jacob\AppData\Local\Temp\~e5.0001

C:\Windows\splwow64.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files\McAfee\VirusScan\mcods.exe

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = Preserve

uStart Page = hxxp://zradio.org/

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120425081238.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

{555d4d79-4bd2-4094-a395-cfc534424a05}

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

uRun: [sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun

uRun: [Apps] rundll32.exe "C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll",DllRegisterServer

mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe

mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

StartupFolder: C:\Users\Jacob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FAVSAL~1.LNK - C:\Users\Public\Music\Music\Playlists\FavsAll.wpl

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

Trusted Zone: flvs.net\learn

Trusted Zone: internet

Trusted Zone: live.com\onecare

Trusted Zone: mcafee.com

Trusted Zone: yoyogames.com\www

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} - hxxps://72.156.249.212/Remote/BuiltIns/FS/Wssg.Web.FileAccess.RichUpload.cab

DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab

DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab

DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab

DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB

DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} - hxxp://65.44.139.2:9203/camclictrl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/plugins/activex/YoYo.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://berklee.webex.com/client/T27L10NSP25/nbr/ieatgpc1.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{410F48CF-12A3-40EB-B398-2C0A4D370576} : DhcpNameServer = 192.168.2.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO-X64: McAfee Phishing Filter - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120425081238.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe

mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\9iiiea8p.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://zradio.org/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=

FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll

FF - plugin: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPYYGInstantPlay.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Jacob\AppData\Roaming\Mozilla\plugins\npatgpc.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-6 169408]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-8 92160]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2012-2-23 103440]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-6-5 249936]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-6-5 249936]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-6-5 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-2-18 199272]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-2-18 210584]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-2-13 2253120]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-5-31 1122296]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-5-31 838136]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-5-31 166528]

R2 SMSv3_0_2hs;SMSv3_0_2hs;C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\service\JavaSrvc.exe [2006-7-26 65536]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-5-21 134928]

R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]

R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-24 136176]

S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 257696]

S3 CompFilter64;UVCCompositeFilter;C:\Windows\system32\DRIVERS\lvbflt64.sys --> C:\Windows\system32\DRIVERS\lvbflt64.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-24 136176]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-7 129976]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys --> C:\Windows\system32\drivers\pmxdrv.sys [?]

S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-6-5 249936]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]

S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-9-17 430424]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-06-11 15:51:44 -------- d-----w- C:\Users\Jacob\AppData\Local\{601E397C-C67E-498A-866F-A191C37C14B4}

2012-06-11 15:51:32 -------- d-----w- C:\Users\Jacob\AppData\Local\{E18E85D7-1BDC-4391-A3A4-D2E99ECE2FA8}

2012-06-10 00:56:13 -------- d-----w- C:\Program Files (x86)\Sibelius Software

2012-06-09 17:54:17 -------- d-----w- C:\Users\Jacob\AppData\Local\{46571528-A6D5-4000-8F4C-72834C35E911}

2012-06-09 17:54:04 -------- d-----w- C:\Users\Jacob\AppData\Local\{E424CDF8-4701-4908-8785-C9E478281815}

2012-06-08 15:48:57 -------- d-----w- C:\Users\Jacob\AppData\Local\{C66CDB0D-5EB0-48D0-8028-F1B7B9B04E2D}

2012-06-08 15:48:45 -------- d-----w- C:\Users\Jacob\AppData\Local\{5E27C6B3-A30E-4DA0-836B-0EA2D1040F17}

2012-06-08 14:58:08 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{764A374B-CDFF-4B16-A880-04B955979BE5}\mpengine.dll

2012-06-07 17:14:14 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2012-06-07 17:13:49 588728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll

2012-06-07 17:13:49 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-06-07 17:13:48 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll

2012-06-07 17:13:48 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll

2012-06-07 17:13:48 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll

2012-06-07 17:13:48 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll

2012-06-07 17:13:48 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-06-07 17:11:44 -------- d-----w- C:\Users\Jacob\AppData\Local\{D95F4EEE-713D-4111-AED0-753CC755D21B}

2012-06-07 17:11:31 -------- d-----w- C:\Users\Jacob\AppData\Local\{3C788A4D-6569-4A73-B1CE-B500CF4D25C3}

2012-06-07 05:11:01 -------- d-----w- C:\Users\Jacob\AppData\Local\{85B3D4CF-9BAB-4085-8501-0AE3644D23E4}

2012-06-07 05:10:48 -------- d-----w- C:\Users\Jacob\AppData\Local\{A9270E0F-AD0C-4987-9E42-27E5C78252B7}

2012-06-06 17:10:21 -------- d-----w- C:\Users\Jacob\AppData\Local\{13B87C11-FB71-43CD-8029-DF40029E137D}

2012-06-06 17:10:08 -------- d-----w- C:\Users\Jacob\AppData\Local\{CC8F2999-C6EC-41C2-9A9A-050AB4CF1ABE}

2012-06-05 16:26:18 -------- d-----w- C:\Users\Jacob\AppData\Local\{6315DDE6-162E-45D0-816F-E32C25D5FD0C}

2012-06-05 16:24:42 -------- d-----w- C:\Users\Jacob\AppData\Local\{9E040E56-185C-428B-9DD4-866879A87927}

2012-06-04 16:19:31 -------- d-----w- C:\Users\Jacob\AppData\Local\{2ED9CB6C-10FE-4456-9F19-907E39BE40B2}

2012-06-04 16:19:18 -------- d-----w- C:\Users\Jacob\AppData\Local\{DDC5CD5B-49F0-4EFC-A5BC-5F96925A66C7}

2012-06-03 20:20:47 -------- d-----w- C:\Users\Jacob\AppData\Local\{31007099-B9AA-4D03-9BA0-E66F38E69AC6}

2012-06-03 20:20:34 -------- d-----w- C:\Users\Jacob\AppData\Local\{D5D3E8A0-8426-48A7-86E2-AD0906115417}

2012-06-02 16:58:39 -------- d-----w- C:\Users\Jacob\AppData\Local\{C4FD5831-CA24-4F4E-A3AC-ED00EE0CC5ED}

2012-06-02 16:58:27 -------- d-----w- C:\Users\Jacob\AppData\Local\{0BCE56C8-DC5E-4BC8-95EE-16625B42AE7F}

2012-06-02 03:21:46 -------- d-----w- C:\Users\Jacob\AppData\Local\{C3888708-6A4B-47FE-8758-19F83D954E2F}

2012-06-01 15:21:20 -------- d-----w- C:\Users\Jacob\AppData\Local\{A0FEB971-F4A3-4C09-B97D-BD6A0441F2A0}

2012-06-01 15:21:07 -------- d-----w- C:\Users\Jacob\AppData\Local\{4F05EA62-75F0-4D75-B9DA-7AD4D1101614}

2012-06-01 01:49:59 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-06-01 01:49:51 17272 ----a-w- C:\Windows\System32\sdnclean64.exe

2012-06-01 01:49:46 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2012-05-31 16:49:26 -------- d-----w- C:\Users\Jacob\AppData\Local\{B8DC9575-373E-4F6A-9D72-D50C71475BCE}

2012-05-31 16:49:14 -------- d-----w- C:\Users\Jacob\AppData\Local\{347BA266-4DEC-483E-B19D-A1BC0149C2F3}

2012-05-30 12:49:01 -------- d-----w- C:\Users\Jacob\AppData\Local\{42A821F5-35E5-41E4-A145-5955518A04CD}

2012-05-30 12:48:48 -------- d-----w- C:\Users\Jacob\AppData\Local\{2395E78A-BD1C-4289-A86F-2EC8952716F1}

2012-05-30 00:07:09 -------- d-----w- C:\ProgramData\Sophos

2012-05-29 14:53:43 -------- d-----w- C:\Users\Jacob\AppData\Local\{3811D7A7-6281-4A27-80A2-2F5597037350}

2012-05-29 14:53:10 -------- d-----w- C:\Users\Jacob\AppData\Local\{E6385A85-E33B-4686-B7C4-F6465D4F53E2}

2012-05-27 22:56:47 116016 ----a-w- C:\Windows\System32\drivers\18720901.sys

2012-05-27 17:57:10 -------- d-----w- C:\Users\Jacob\AppData\Local\{6DF849BA-5A99-4D6E-95BA-0E2AE22D3585}

2012-05-27 17:56:57 -------- d-----w- C:\Users\Jacob\AppData\Local\{4BE7DD0F-5046-4A09-9B85-86418BCA3970}

2012-05-25 16:38:22 -------- d-----w- C:\Users\Jacob\AppData\Local\{2C84B04E-87A7-419F-AA6F-C63D6E17F4F7}

2012-05-25 16:38:09 -------- d-----w- C:\Users\Jacob\AppData\Local\{499AF48C-7555-4466-B491-55C5DC07CB8E}

2012-05-24 19:17:05 -------- d-----w- C:\Users\Jacob\AppData\Roaming\System

2012-05-24 15:03:05 -------- d-----w- C:\Users\Jacob\AppData\Local\{DEAD7B09-DA57-4BAE-A841-F21E67C7CC5A}

2012-05-24 15:02:51 -------- d-----w- C:\Users\Jacob\AppData\Local\{DF8C6C73-3615-45AB-9773-1B152C9210B3}

2012-05-22 15:33:21 -------- d-----w- C:\Users\Jacob\AppData\Local\{D7A892FA-2909-47D6-B9F5-BEF70AC48D7D}

2012-05-22 15:33:08 -------- d-----w- C:\Users\Jacob\AppData\Local\{0C4D18A8-B0EE-42C4-88BD-DC48134E695C}

2012-05-21 15:42:50 -------- d-----w- C:\Users\Jacob\AppData\Local\{A0A507B2-36B3-4A5B-99D4-7B0C7EA65302}

2012-05-21 15:42:39 -------- d-----w- C:\Users\Jacob\AppData\Local\{BC18CE89-7843-4F42-86EC-01716242CE8D}

2012-05-21 03:04:36 -------- d-----w- C:\Users\Jacob\AppData\Local\{722C2EF9-7C5B-4C05-950D-194094F3F595}

2012-05-21 03:04:24 -------- d-----w- C:\Users\Jacob\AppData\Local\{29E5BEC5-F2DC-4806-9A1A-126210B3C228}

2012-05-19 17:08:17 -------- d-----w- C:\Users\Jacob\AppData\Local\{5C0A0C64-9A19-4918-B477-A5510AA0EE38}

2012-05-19 17:08:05 -------- d-----w- C:\Users\Jacob\AppData\Local\{D663333A-ED19-4859-89AE-E5EF138EC4C2}

2012-05-18 23:57:29 -------- d-----w- C:\Users\Jacob\AppData\Local\{B5AA328D-8445-4AF1-8546-F9EFDD7ABCB8}

2012-05-18 23:57:16 -------- d-----w- C:\Users\Jacob\AppData\Local\{DFAABAC2-A3EA-4CF1-9DEC-2B3E03776D0A}

2012-05-18 00:26:17 -------- d-----w- C:\Users\Jacob\AppData\Local\{DB8A108C-5048-4D2B-8B71-9F80025D4705}

2012-05-18 00:26:03 -------- d-----w- C:\Users\Jacob\AppData\Local\{1E220F65-1F32-4D45-B4CF-47DEC2D39871}

2012-05-17 15:01:23 -------- d-----w- C:\Users\Jacob\AppData\Local\{B6655982-DCA7-42E6-8C36-7D4CE56AA245}

2012-05-16 16:39:12 -------- d-----w- C:\Users\Jacob\AppData\Local\{0326D363-90A2-4ACD-B0BF-C019F9EB5F08}

2012-05-16 16:39:00 -------- d-----w- C:\Users\Jacob\AppData\Local\{BD4DF713-20DA-49E3-BACA-AAB7F2502E77}

2012-05-16 02:37:57 -------- d-----w- C:\Users\Jacob\AppData\Local\{53216DF7-E13F-4148-8BF5-875A95236B18}

2012-05-16 02:37:45 -------- d-----w- C:\Users\Jacob\AppData\Local\{9EB13F55-BEAC-4709-95A4-A273876C3C98}

2012-05-15 14:37:18 -------- d-----w- C:\Users\Jacob\AppData\Local\{6469DCEF-2F66-494E-B8CA-0E2F90738C80}

2012-05-15 14:37:06 -------- d-----w- C:\Users\Jacob\AppData\Local\{0D0DD81E-0DB8-4DC1-A80F-F3560D65E4A3}

2012-05-14 14:34:33 -------- d-----w- C:\Users\Jacob\AppData\Local\{B2DC64F0-5889-4416-A7C8-1E70FCFDEED3}

2012-05-14 14:34:20 -------- d-----w- C:\Users\Jacob\AppData\Local\{8DB178BC-F1F1-427E-A1E0-6D74B3794B37}

2012-05-13 16:27:17 -------- d-----w- C:\Users\Jacob\AppData\Local\{A5EAA35A-11D0-4716-AA78-E9B74262F046}

2012-05-13 16:26:53 -------- d-----w- C:\Users\Jacob\AppData\Local\{46295A3A-F933-434A-98C6-515D695D005C}

.

==================== Find3M ====================

.

2012-05-31 19:40:07 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-31 19:40:07 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-05-05 15:34:15 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-04-19 00:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2012-04-19 00:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-31 03:10:03 3146240 ----a-w- C:\Windows\System32\win32k.sys

2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-03-20 17:11:30 162192 ----a-w- C:\Windows\System32\mfevtps.exe

2012-03-17 07:58:57 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys

.

============= FINISH: 13:56:57.92 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 11/16/2009 10:43:17 AM

System Uptime: 6/11/2012 11:38:56 AM (2 hours ago)

.

Motherboard: Dell Inc. | | 0X231R

Processor: Intel® Core™ i7 CPU 860 @ 2.80GHz | CPU 1 | 2801/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 917 GiB total, 663.946 GiB free.

D: is CDROM (CDFS)

E: is Removable

F: is Removable

G: is Removable

H: is Removable

K: is FIXED (NTFS) - 932 GiB total, 322.786 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart Premium C309g-m

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart Premium C309g-m

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

==== System Restore Points ===================

.

RP534: 6/4/2012 11:51:36 PM - Windows Update

RP535: 6/8/2012 10:57:30 AM - Windows Update

RP536: 6/9/2012 8:55:49 PM - Installed Sibelius Scorch (ActiveX Only)

RP537: 6/9/2012 9:02:23 PM - Installed Sibelius Scorch (Firefox, Opera, Netscape only)

RP538: 6/10/2012 2:00:14 AM - Windows Backup

.

==== Installed Programs ======================

.

7-Zip 4.65

Acrobat.com

Adobe AIR

Adobe Community Help

Adobe Photoshop Elements 9

Adobe Photoshop.com Inspiration Browser

Adobe Premiere Elements 9

Adobe Premiere Elements 9 Content

Adobe Premiere Elements 9 Content 1

Adobe Premiere Elements 9 Content 2

Adobe Premiere Elements 9 Content 3

Adobe Premiere Elements 9 HD Content 1

Adobe Premiere Elements 9 HD Content 2

Adobe Premiere Elements 9 HD Content 3

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.5

Age of Empires III

Age of Empires III - The Asian Dynasties

Age of Empires III - The WarChiefs

Amazon Kindle For PC v1.1

Amazon MP3 Downloader 1.0.15

Apple Application Support

Apple Software Update

Audacity 1.3.10 (Unicode)

BufferChm

C309g-m

CameraHelperMsi

Consumer In-Home Service Agreement

Crazy Machines II + Demo

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell Driver Download Manager

Dell Getting Started Guide

Destinations

DeviceDiscovery

DietPower 4.4

DirectXInstallService

Elements 9 Organizer

Elements STI Installer

EMC 10 Content

erLT

FFmpeg for Audacity on Windows

Game Maker 8.0

GameMaker 8.1

Google Earth

Google Update Helper

GPBaseService2

HD View

Higher Score on the ACT

Higher Score on the SAT/PSAT

Hotfix for Microsoft Visual Basic 2010 Express - ENU (KB2635973)

Hotfix for Microsoft Windows Phone Developer Tools - ENU (KB2635973)

HP Update

HPPhotoGadget

HPProductAssistant

hpWLPGInstaller

Internet TV for Windows Media Center

Java Auto Updater

Java™ 6 Update 26

Junk Mail filter update

LAME v3.98.2 for Audacity

LEGO Digital Designer

LEGO MINDSTORMS NXT - English Language Pack

LEGO MINDSTORMS NXT Migration Package

LEGO MINDSTORMS NXT Software v2.0

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Malwarebytes Anti-Malware version 1.61.0.1400

McAfee Internet Security

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Access 2002 Runtime

Microsoft Age of Empires II

Microsoft Age of Empires II: The Conquerors Expansion

Microsoft Application Error Reporting

Microsoft DirectX SDK (June 2010)

Microsoft Expression Blend 3 SDK

Microsoft Expression Blend 4

Microsoft Expression Blend 4 Add-in for Adobe FXG Import

Microsoft Expression Blend SDK for .NET 4

Microsoft Expression Blend SDK for Silverlight 4

Microsoft Expression Blend SDK for Windows Phone 7

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft Silverlight Tools for Visual Studio 2010

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server System CLR Types

Microsoft Visual Basic 2010 Express - ENU

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Express for Windows Phone - ENU

Microsoft Visual Studio 2010 Service Pack 1

Microsoft Windows Phone 7 Developer Resources

Microsoft Windows Phone Developer Tools - ENU

Microsoft XNA Framework Redistributable 4.0

Microsoft XNA Game Studio 4.0

Microsoft XNA Game Studio 4.0 (ARP entry)

Microsoft XNA Game Studio 4.0 (Redists)

Microsoft XNA Game Studio 4.0 (Shared Components)

Microsoft XNA Game Studio 4.0 (Visual Studio)

Microsoft XNA Game Studio 4.0 (XnaLiveProxy)

Microsoft XNA Game Studio 4.0 Documentation

Microsoft XNA Game Studio 4.0 Windows Phone Extensions

Microsoft XNA Game Studio Platform Tools

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_CRT_x86

Moonbase Alpha

Mozilla Firefox 12.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML4 Parser

Multimedia Card Reader

NEC Electronics USB 3.0 Host Controller Driver

NVIDIA 3D Vision Video Player

NVIDIA Performance

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

NVIDIA System Monitor

NVIDIA System Update

OpenAL

OpenOffice.org 3.2

Portal

Portal 2

PowerDVD DX

PS_AIO_06_C309g-m_SW_Min

QuickTime

Realtek High Definition Audio Driver

RollerCoaster Tycoon 2 Triple Thrill Pack

RollerCoaster Tycoon 3 Platinum

Rosetta Stone 2.1.5.1Asms

Roxio Activation Module

Roxio BackOnTrack

Roxio Central Audio

Roxio Central Copy

Roxio Central Core

Roxio Central Data

Roxio Central Tools

Roxio Easy CD and DVD Burning

Roxio Express Labeler 3

Roxio Update Manager

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

Sibelius Scorch (ActiveX Only)

Sibelius Scorch (Firefox, Opera, Netscape only)

SimCity 4 Deluxe

Skype™ 5.8

SmartSound Quicktracks for Premiere Elements 9.0

SolutionCenter

SongBaseXP

Sonic CinePlayer Decoder Pack

Sophos Virus Removal Tool

Spybot - Search & Destroy

Status

Steam

Student Management System v3.0.2hs

System Requirements Lab

Thinkin' Science

Toolbox

TrackMania Nations Forever

TrayApp

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

WCF RIA Services V1.0 SP1

WebEx

WebReg

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Center Add-in for Flash

Windows Media Center Add-in for Silverlight

Windows Movie Maker 2.6

Windows Phone 7 Add-in for Visual Studio 2010 - ENU

WPF Toolkit February 2010 (Version 3.5.50211.1)

XML Explorer

.

==== Event Viewer Messages From Past Week ========

.

6/7/2012 5:22:11 PM, Error: srv [2017] - The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

6/11/2012 11:40:45 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

6/11/2012 11:39:55 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter

6/11/2012 11:39:43 AM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.

6/10/2012 8:09:00 PM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.

.

==== End Of File ===========================

Link to post
Share on other sites

Hello kalpow500 and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    tdss_1.jpg
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
    tdss_2.jpg
  3. Click the Start Scan button.
    tdss_3.jpg
  4. If a suspicious object is detected, the default action will be Skip, click on Continue.
    tdss_4.jpg
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    tdss_5.jpg
  7. Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 3

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • OTL log with Extras.txt

Link to post
Share on other sites

Sorry about that, post 1/4:

(TDSS)

21:00:28.0663 10340 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16

21:00:29.0713 10340 ============================================================

21:00:29.0713 10340 Current date / time: 2012/06/11 21:00:29.0713

21:00:29.0713 10340 SystemInfo:

21:00:29.0713 10340

21:00:29.0713 10340 OS Version: 6.1.7601 ServicePack: 1.0

21:00:29.0713 10340 Product type: Workstation

21:00:29.0713 10340 ComputerName: JIMMY

21:00:29.0713 10340 UserName: Jacob

21:00:29.0713 10340 Windows directory: C:\Windows

21:00:29.0713 10340 System windows directory: C:\Windows

21:00:29.0713 10340 Running under WOW64

21:00:29.0713 10340 Processor architecture: Intel x64

21:00:29.0713 10340 Number of processors: 8

21:00:29.0713 10340 Page size: 0x1000

21:00:29.0713 10340 Boot type: Normal boot

21:00:29.0713 10340 ============================================================

21:00:30.0883 10340 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:00:30.0893 10340 Drive \Device\Harddisk5\DR7 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

21:00:30.0893 10340 ============================================================

21:00:30.0893 10340 \Device\Harddisk0\DR0:

21:00:30.0893 10340 MBR partitions:

21:00:30.0893 10340 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000

21:00:30.0893 10340 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x729A65B0

21:00:30.0893 10340 \Device\Harddisk5\DR7:

21:00:30.0903 10340 MBR partitions:

21:00:30.0903 10340 \Device\Harddisk5\DR7\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x747061A1

21:00:30.0903 10340 ============================================================

21:00:30.0933 10340 C: <-> \Device\Harddisk0\DR0\Partition1

21:00:30.0943 10340 K: <-> \Device\Harddisk5\DR7\Partition0

21:00:30.0943 10340 ============================================================

21:00:30.0943 10340 Initialize success

21:00:30.0943 10340 ============================================================

21:01:16.0644 4968 ============================================================

21:01:16.0644 4968 Scan started

21:01:16.0644 4968 Mode: Manual; SigCheck; TDLFS;

21:01:16.0644 4968 ============================================================

21:01:17.0174 4968 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

21:01:17.0244 4968 1394ohci - ok

21:01:17.0284 4968 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys

21:01:17.0334 4968 61883 - ok

21:01:17.0384 4968 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

21:01:17.0424 4968 ACPI - ok

21:01:17.0434 4968 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

21:01:17.0484 4968 AcpiPmi - ok

21:01:17.0584 4968 AdobeActiveFileMonitor9.0 (c004f38974f4d321b4c20a240e1175c0) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

21:01:17.0604 4968 AdobeActiveFileMonitor9.0 - ok

21:01:17.0664 4968 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

21:01:17.0684 4968 AdobeARMservice - ok

21:01:17.0794 4968 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

21:01:17.0804 4968 AdobeFlashPlayerUpdateSvc - ok

21:01:17.0864 4968 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

21:01:17.0894 4968 adp94xx - ok

21:01:17.0894 4968 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

21:01:17.0914 4968 adpahci - ok

21:01:17.0924 4968 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

21:01:17.0934 4968 adpu320 - ok

21:01:17.0974 4968 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

21:01:18.0034 4968 AeLookupSvc - ok

21:01:18.0094 4968 AERTFilters (3ac22a3dfa8a050e35f0e3cd99d0cdf2) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

21:01:18.0204 4968 AERTFilters - ok

21:01:18.0274 4968 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

21:01:18.0304 4968 AFD - ok

21:01:18.0344 4968 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

21:01:18.0374 4968 agp440 - ok

21:01:18.0394 4968 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

21:01:18.0444 4968 ALG - ok

21:01:18.0454 4968 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

21:01:18.0464 4968 aliide - ok

21:01:18.0584 4968 ALSysIO - ok

21:01:18.0654 4968 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

21:01:18.0674 4968 amdide - ok

21:01:18.0714 4968 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

21:01:18.0744 4968 AmdK8 - ok

21:01:18.0754 4968 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

21:01:18.0774 4968 AmdPPM - ok

21:01:18.0824 4968 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

21:01:18.0874 4968 amdsata - ok

21:01:18.0894 4968 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

21:01:18.0904 4968 amdsbs - ok

21:01:18.0924 4968 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

21:01:18.0924 4968 amdxata - ok

21:01:18.0994 4968 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

21:01:19.0084 4968 AppID - ok

21:01:19.0104 4968 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

21:01:19.0174 4968 AppIDSvc - ok

21:01:19.0204 4968 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

21:01:19.0294 4968 Appinfo - ok

21:01:19.0304 4968 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

21:01:19.0314 4968 arc - ok

21:01:19.0314 4968 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

21:01:19.0324 4968 arcsas - ok

21:01:19.0474 4968 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

21:01:19.0494 4968 aspnet_state - ok

21:01:19.0514 4968 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

21:01:19.0594 4968 AsyncMac - ok

21:01:19.0614 4968 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

21:01:19.0624 4968 atapi - ok

21:01:19.0674 4968 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

21:01:19.0744 4968 AudioEndpointBuilder - ok

21:01:19.0754 4968 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

21:01:19.0784 4968 AudioSrv - ok

21:01:19.0814 4968 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys

21:01:19.0854 4968 Avc - ok

21:01:19.0894 4968 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

21:01:19.0964 4968 AxInstSV - ok

21:01:20.0004 4968 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

21:01:20.0054 4968 b06bdrv - ok

21:01:20.0074 4968 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

21:01:20.0114 4968 b57nd60a - ok

21:01:20.0164 4968 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

21:01:20.0204 4968 BDESVC - ok

21:01:20.0214 4968 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

21:01:20.0244 4968 Beep - ok

21:01:20.0304 4968 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

21:01:20.0354 4968 BFE - ok

21:01:20.0384 4968 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

21:01:20.0414 4968 BITS - ok

21:01:20.0454 4968 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

21:01:20.0484 4968 blbdrive - ok

21:01:20.0514 4968 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

21:01:20.0544 4968 bowser - ok

21:01:20.0574 4968 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

21:01:20.0604 4968 BrFiltLo - ok

21:01:20.0624 4968 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

21:01:20.0634 4968 BrFiltUp - ok

21:01:20.0674 4968 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

21:01:20.0734 4968 Browser - ok

21:01:20.0744 4968 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

21:01:20.0804 4968 Brserid - ok

21:01:20.0814 4968 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

21:01:20.0834 4968 BrSerWdm - ok

21:01:20.0844 4968 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

21:01:20.0864 4968 BrUsbMdm - ok

21:01:20.0884 4968 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

21:01:20.0894 4968 BrUsbSer - ok

21:01:20.0904 4968 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

21:01:20.0924 4968 BTHMODEM - ok

21:01:20.0984 4968 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

21:01:21.0044 4968 bthserv - ok

21:01:21.0064 4968 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

21:01:21.0104 4968 cdfs - ok

21:01:21.0154 4968 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

21:01:21.0224 4968 cdrom - ok

21:01:21.0264 4968 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

21:01:21.0314 4968 CertPropSvc - ok

21:01:21.0374 4968 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys

21:01:21.0434 4968 cfwids - ok

21:01:21.0434 4968 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

21:01:21.0464 4968 circlass - ok

21:01:21.0494 4968 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

21:01:21.0514 4968 CLFS - ok

21:01:21.0584 4968 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:01:21.0614 4968 clr_optimization_v2.0.50727_32 - ok

21:01:21.0684 4968 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:01:21.0704 4968 clr_optimization_v2.0.50727_64 - ok

21:01:21.0774 4968 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:01:21.0784 4968 clr_optimization_v4.0.30319_32 - ok

21:01:21.0824 4968 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:01:21.0824 4968 clr_optimization_v4.0.30319_64 - ok

21:01:21.0834 4968 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

21:01:21.0854 4968 CmBatt - ok

21:01:21.0894 4968 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

21:01:21.0904 4968 cmdide - ok

21:01:21.0944 4968 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

21:01:21.0974 4968 CNG - ok

21:01:21.0974 4968 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

21:01:21.0984 4968 Compbatt - ok

21:01:22.0044 4968 CompFilter64 (11cc395d18ff03e95e8c6a149c84c91b) C:\Windows\system32\DRIVERS\lvbflt64.sys

21:01:22.0054 4968 CompFilter64 - ok

21:01:22.0084 4968 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

21:01:22.0104 4968 CompositeBus - ok

21:01:22.0114 4968 COMSysApp - ok

21:01:22.0214 4968 cpuz135 - ok

21:01:22.0284 4968 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

21:01:22.0304 4968 crcdisk - ok

21:01:22.0364 4968 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

21:01:22.0414 4968 CryptSvc - ok

21:01:22.0474 4968 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

21:01:22.0534 4968 DcomLaunch - ok

21:01:22.0574 4968 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

21:01:22.0634 4968 defragsvc - ok

21:01:22.0664 4968 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

21:01:22.0714 4968 DfsC - ok

21:01:22.0764 4968 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

21:01:22.0814 4968 Dhcp - ok

21:01:22.0904 4968 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

21:01:22.0984 4968 discache - ok

21:01:23.0024 4968 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

21:01:23.0034 4968 Disk - ok

21:01:23.0074 4968 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

21:01:23.0184 4968 Dnscache - ok

21:01:23.0234 4968 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

21:01:23.0294 4968 dot3svc - ok

21:01:23.0324 4968 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

21:01:23.0374 4968 DPS - ok

21:01:23.0424 4968 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

21:01:23.0454 4968 drmkaud - ok

21:01:23.0514 4968 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

21:01:23.0554 4968 DXGKrnl - ok

21:01:23.0594 4968 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

21:01:23.0654 4968 EapHost - ok

21:01:23.0744 4968 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

21:01:23.0834 4968 ebdrv - ok

21:01:23.0944 4968 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

21:01:24.0004 4968 EFS - ok

21:01:24.0034 4968 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

21:01:24.0114 4968 ehRecvr - ok

21:01:24.0154 4968 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

21:01:24.0194 4968 ehSched - ok

21:01:24.0244 4968 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

21:01:24.0274 4968 elxstor - ok

21:01:24.0304 4968 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

21:01:24.0344 4968 ErrDev - ok

21:01:24.0404 4968 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

21:01:24.0464 4968 EventSystem - ok

21:01:24.0494 4968 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

21:01:24.0544 4968 exfat - ok

21:01:24.0554 4968 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

21:01:24.0594 4968 fastfat - ok

21:01:24.0624 4968 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

21:01:24.0684 4968 Fax - ok

21:01:24.0694 4968 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

21:01:24.0714 4968 fdc - ok

21:01:24.0724 4968 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

21:01:24.0744 4968 fdPHost - ok

21:01:24.0754 4968 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

21:01:24.0814 4968 FDResPub - ok

21:01:24.0834 4968 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

21:01:24.0844 4968 FileInfo - ok

21:01:24.0844 4968 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

21:01:24.0874 4968 Filetrace - ok

21:01:24.0884 4968 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

21:01:24.0894 4968 flpydisk - ok

21:01:24.0914 4968 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

21:01:24.0924 4968 FltMgr - ok

21:01:25.0004 4968 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

21:01:25.0084 4968 FontCache - ok

21:01:25.0214 4968 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:01:25.0234 4968 FontCache3.0.0.0 - ok

21:01:25.0264 4968 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

21:01:25.0294 4968 FsDepends - ok

21:01:25.0334 4968 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys

21:01:25.0404 4968 fssfltr - ok

21:01:25.0564 4968 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

21:01:25.0604 4968 fsssvc - ok

21:01:25.0674 4968 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

21:01:25.0724 4968 Fs_Rec - ok

21:01:25.0794 4968 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

21:01:25.0824 4968 fvevol - ok

21:01:25.0844 4968 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

21:01:25.0854 4968 gagp30kx - ok

21:01:25.0914 4968 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

21:01:25.0984 4968 gpsvc - ok

21:01:26.0084 4968 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:01:26.0104 4968 gupdate - ok

21:01:26.0124 4968 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:01:26.0144 4968 gupdatem - ok

21:01:26.0164 4968 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

21:01:26.0204 4968 hcw85cir - ok

21:01:26.0254 4968 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

21:01:26.0284 4968 HDAudBus - ok

21:01:26.0304 4968 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

21:01:26.0334 4968 HidBatt - ok

21:01:26.0344 4968 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

21:01:26.0374 4968 HidBth - ok

21:01:26.0384 4968 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

21:01:26.0404 4968 HidIr - ok

21:01:26.0434 4968 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

21:01:26.0474 4968 hidserv - ok

21:01:26.0504 4968 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

21:01:26.0524 4968 HidUsb - ok

21:01:26.0554 4968 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

21:01:26.0624 4968 hkmsvc - ok

21:01:26.0654 4968 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

21:01:26.0704 4968 HomeGroupListener - ok

21:01:26.0734 4968 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

21:01:26.0754 4968 HomeGroupProvider - ok

21:01:26.0864 4968 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

21:01:26.0884 4968 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

21:01:26.0884 4968 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

21:01:26.0904 4968 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

21:01:26.0924 4968 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

21:01:26.0924 4968 hpqddsvc - detected UnsignedFile.Multi.Generic (1)

21:01:26.0944 4968 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

21:01:26.0954 4968 HpSAMD - ok

21:01:26.0984 4968 HPSLPSVC (d972f48d0ce396759b788693cd665926) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

21:01:27.0014 4968 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning

21:01:27.0014 4968 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)

21:01:27.0074 4968 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

21:01:27.0124 4968 HTTP - ok

21:01:27.0154 4968 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

21:01:27.0194 4968 hwpolicy - ok

21:01:27.0244 4968 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

21:01:27.0284 4968 i8042prt - ok

21:01:27.0314 4968 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys

21:01:27.0324 4968 iaStor - ok

21:01:27.0374 4968 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

21:01:27.0454 4968 iaStorV - ok

21:01:27.0544 4968 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

21:01:27.0564 4968 IDriverT ( UnsignedFile.Multi.Generic ) - warning

21:01:27.0564 4968 IDriverT - detected UnsignedFile.Multi.Generic (1)

21:01:27.0694 4968 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:01:27.0724 4968 idsvc - ok

21:01:27.0814 4968 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

21:01:27.0844 4968 iirsp - ok

21:01:27.0894 4968 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

21:01:27.0954 4968 IKEEXT - ok

21:01:28.0164 4968 IntcAzAudAddService (d42d651676883181400e22957a7e0b1e) C:\Windows\system32\drivers\RTKVHD64.sys

21:01:28.0254 4968 IntcAzAudAddService - ok

21:01:28.0314 4968 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

21:01:28.0344 4968 intelide - ok

21:01:28.0364 4968 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

21:01:28.0394 4968 intelppm - ok

21:01:28.0434 4968 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

21:01:28.0484 4968 IPBusEnum - ok

21:01:28.0514 4968 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:01:28.0594 4968 IpFilterDriver - ok

21:01:28.0614 4968 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

21:01:28.0684 4968 iphlpsvc - ok

21:01:28.0704 4968 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

21:01:28.0724 4968 IPMIDRV - ok

21:01:28.0744 4968 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

21:01:28.0774 4968 IPNAT - ok

21:01:28.0794 4968 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

21:01:28.0824 4968 IRENUM - ok

21:01:28.0834 4968 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

21:01:28.0844 4968 isapnp - ok

21:01:28.0864 4968 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

21:01:28.0914 4968 iScsiPrt - ok

21:01:28.0954 4968 k57nd60a (249ee2d26cb1530f3bede0ac8b9e3099) C:\Windows\system32\DRIVERS\k57nd60a.sys

21:01:28.0984 4968 k57nd60a - ok

21:01:29.0024 4968 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

21:01:29.0054 4968 kbdclass - ok

21:01:29.0054 4968 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

21:01:29.0114 4968 kbdhid - ok

21:01:29.0154 4968 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:01:29.0164 4968 KeyIso - ok

21:01:29.0164 4968 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

21:01:29.0174 4968 KSecDD - ok

21:01:29.0184 4968 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

21:01:29.0204 4968 KSecPkg - ok

21:01:29.0204 4968 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

21:01:29.0244 4968 ksthunk - ok

21:01:29.0284 4968 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

21:01:29.0354 4968 KtmRm - ok

21:01:29.0384 4968 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

21:01:29.0414 4968 LanmanServer - ok

21:01:29.0464 4968 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

21:01:29.0524 4968 LanmanWorkstation - ok

21:01:29.0534 4968 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

21:01:29.0594 4968 lltdio - ok

21:01:29.0614 4968 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

21:01:29.0654 4968 lltdsvc - ok

21:01:29.0664 4968 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

21:01:29.0694 4968 lmhosts - ok

21:01:29.0714 4968 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

21:01:29.0724 4968 LSI_FC - ok

21:01:29.0724 4968 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

21:01:29.0734 4968 LSI_SAS - ok

21:01:29.0744 4968 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

21:01:29.0754 4968 LSI_SAS2 - ok

21:01:29.0754 4968 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

21:01:29.0764 4968 LSI_SCSI - ok

21:01:29.0774 4968 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

21:01:29.0814 4968 luafv - ok

21:01:29.0874 4968 LVRS64 (ef586b959f747e74c76603ff16ae417b) C:\Windows\system32\DRIVERS\lvrs64.sys

21:01:29.0894 4968 LVRS64 - ok

21:01:30.0054 4968 LVUVC64 (edf73bfa1bd24d74d1d64dc0ed28a7cd) C:\Windows\system32\DRIVERS\lvuvc64.sys

21:01:30.0154 4968 LVUVC64 - ok

21:01:30.0294 4968 McAfee SiteAdvisor Service (be8c524313db75fa26fb2b0c0aaff88e) c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe

21:01:30.0364 4968 McAfee SiteAdvisor Service - ok

21:01:30.0454 4968 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:01:30.0474 4968 McMPFSvc - ok

21:01:30.0514 4968 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:01:30.0534 4968 mcmscsvc - ok

21:01:30.0544 4968 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:01:30.0554 4968 McNaiAnn - ok

21:01:30.0564 4968 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:01:30.0574 4968 McNASvc - ok

21:01:30.0624 4968 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe

21:01:30.0634 4968 McODS - ok

21:01:30.0634 4968 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:01:30.0644 4968 McOobeSv - ok

21:01:30.0654 4968 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:01:30.0654 4968 McProxy - ok

21:01:30.0714 4968 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

21:01:30.0784 4968 McShield - ok

21:01:30.0884 4968 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

21:01:30.0934 4968 Mcx2Svc - ok

21:01:30.0984 4968 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

21:01:31.0004 4968 megasas - ok

21:01:31.0024 4968 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

21:01:31.0034 4968 MegaSR - ok

21:01:31.0114 4968 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys

21:01:31.0134 4968 mfeapfk - ok

21:01:31.0174 4968 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys

21:01:31.0194 4968 mfeavfk - ok

21:01:31.0214 4968 mfeavfk01 - ok

21:01:31.0224 4968 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

21:01:31.0244 4968 mfefire - ok

21:01:31.0284 4968 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys

21:01:31.0314 4968 mfefirek - ok

21:01:31.0374 4968 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys

21:01:31.0414 4968 mfehidk - ok

21:01:31.0464 4968 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys

21:01:31.0524 4968 mfenlfk - ok

21:01:31.0554 4968 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys

21:01:31.0574 4968 mferkdet - ok

21:01:31.0594 4968 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe

21:01:31.0634 4968 mfevtp - ok

21:01:31.0644 4968 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys

21:01:31.0654 4968 mfewfpk - ok

21:01:31.0704 4968 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

21:01:31.0724 4968 MMCSS - ok

21:01:31.0754 4968 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

21:01:31.0814 4968 Modem - ok

21:01:31.0824 4968 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

21:01:31.0844 4968 monitor - ok

21:01:31.0894 4968 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

21:01:31.0914 4968 mouclass - ok

21:01:31.0924 4968 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

21:01:31.0954 4968 mouhid - ok

21:01:32.0004 4968 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

21:01:32.0024 4968 mountmgr - ok

21:01:32.0094 4968 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

21:01:32.0124 4968 MozillaMaintenance - ok

21:01:32.0154 4968 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

21:01:32.0164 4968 mpio - ok

21:01:32.0164 4968 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

21:01:32.0194 4968 mpsdrv - ok

21:01:32.0224 4968 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

21:01:32.0264 4968 MpsSvc - ok

21:01:32.0294 4968 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

21:01:32.0314 4968 MRxDAV - ok

21:01:32.0344 4968 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

21:01:32.0364 4968 mrxsmb - ok

21:01:32.0394 4968 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:01:32.0404 4968 mrxsmb10 - ok

21:01:32.0444 4968 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:01:32.0454 4968 mrxsmb20 - ok

21:01:32.0484 4968 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

21:01:32.0504 4968 msahci - ok

21:01:32.0534 4968 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

21:01:32.0594 4968 msdsm - ok

21:01:32.0634 4968 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

21:01:32.0674 4968 MSDTC - ok

21:01:32.0724 4968 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys

21:01:32.0764 4968 MSDV - ok

21:01:32.0794 4968 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

21:01:32.0854 4968 Msfs - ok

21:01:32.0864 4968 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

21:01:32.0894 4968 mshidkmdf - ok

21:01:32.0904 4968 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

21:01:32.0914 4968 msisadrv - ok

21:01:32.0954 4968 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

21:01:32.0994 4968 MSiSCSI - ok

21:01:32.0994 4968 msiserver - ok

21:01:33.0104 4968 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:01:33.0134 4968 MSK80Service - ok

21:01:33.0154 4968 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

21:01:33.0214 4968 MSKSSRV - ok

21:01:33.0224 4968 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

21:01:33.0274 4968 MSPCLOCK - ok

21:01:33.0294 4968 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

21:01:33.0344 4968 MSPQM - ok

21:01:33.0384 4968 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

21:01:33.0404 4968 MsRPC - ok

21:01:33.0454 4968 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

21:01:33.0474 4968 mssmbios - ok

21:01:33.0554 4968 MSSQL$SQLEXPRESS - ok

21:01:33.0604 4968 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

21:01:33.0624 4968 MSSQLServerADHelper100 - ok

21:01:33.0634 4968 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

21:01:33.0664 4968 MSTEE - ok

21:01:33.0674 4968 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

21:01:33.0684 4968 MTConfig - ok

21:01:33.0704 4968 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

21:01:33.0714 4968 Mup - ok

21:01:33.0724 4968 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

21:01:33.0784 4968 napagent - ok

21:01:33.0814 4968 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

21:01:33.0844 4968 NativeWifiP - ok

21:01:33.0864 4968 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

21:01:33.0884 4968 NDIS - ok

21:01:33.0894 4968 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

21:01:33.0924 4968 NdisCap - ok

21:01:33.0944 4968 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

21:01:33.0974 4968 NdisTapi - ok

21:01:34.0004 4968 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

21:01:34.0064 4968 Ndisuio - ok

21:01:34.0094 4968 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

21:01:34.0124 4968 NdisWan - ok

21:01:34.0154 4968 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

21:01:34.0174 4968 NDProxy - ok

21:01:34.0214 4968 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll

21:01:34.0234 4968 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

21:01:34.0234 4968 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

21:01:34.0244 4968 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

21:01:34.0304 4968 NetBIOS - ok

21:01:34.0314 4968 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

21:01:34.0344 4968 NetBT - ok

21:01:34.0384 4968 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:01:34.0414 4968 Netlogon - ok

21:01:34.0444 4968 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

21:01:34.0514 4968 Netman - ok

21:01:34.0654 4968 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:01:34.0714 4968 NetMsmqActivator - ok

21:01:34.0754 4968 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:01:34.0824 4968 NetPipeActivator - ok

21:01:34.0844 4968 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

21:01:34.0874 4968 netprofm - ok

21:01:34.0874 4968 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:01:34.0924 4968 NetTcpActivator - ok

21:01:34.0924 4968 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:01:34.0974 4968 NetTcpPortSharing - ok

21:01:35.0044 4968 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

21:01:35.0064 4968 nfrd960 - ok

21:01:35.0104 4968 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

21:01:35.0174 4968 NlaSvc - ok

21:01:35.0194 4968 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

21:01:35.0214 4968 Npfs - ok

21:01:35.0244 4968 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

21:01:35.0294 4968 nsi - ok

21:01:35.0294 4968 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

21:01:35.0334 4968 nsiproxy - ok

21:01:35.0414 4968 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

21:01:35.0474 4968 Ntfs - ok

21:01:35.0584 4968 nTuneService - ok

21:01:35.0654 4968 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

21:01:35.0684 4968 Null - ok

21:01:35.0714 4968 nusb3hub (f5bc2345e8c89d4e90fafd23a2239935) C:\Windows\system32\DRIVERS\nusb3hub.sys

21:01:35.0744 4968 nusb3hub - ok

21:01:35.0804 4968 nusb3xhc (5d42578241bc2a9b4a64837077436d5f) C:\Windows\system32\DRIVERS\nusb3xhc.sys

21:01:35.0884 4968 nusb3xhc - ok

21:01:36.0234 4968 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys

21:01:36.0504 4968 nvlddmkm - ok

21:01:36.0584 4968 nvoclk64 (8c1d181480796d7d3366a9381fd7782d) C:\Windows\system32\DRIVERS\nvoclk64.sys

21:01:36.0624 4968 nvoclk64 - ok

21:01:36.0654 4968 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

21:01:36.0684 4968 nvraid - ok

21:01:36.0714 4968 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

21:01:36.0734 4968 nvstor - ok

21:01:36.0804 4968 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe

21:01:36.0874 4968 nvsvc - ok

21:01:37.0034 4968 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

21:01:37.0074 4968 nvUpdatusService - ok

21:01:37.0134 4968 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

21:01:37.0164 4968 nv_agp - ok

21:01:37.0184 4968 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

21:01:37.0214 4968 ohci1394 - ok

21:01:37.0294 4968 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:01:37.0314 4968 ose - ok

21:01:37.0534 4968 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:01:37.0634 4968 osppsvc - ok

21:01:37.0704 4968 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

21:01:37.0744 4968 p2pimsvc - ok

21:01:37.0774 4968 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

21:01:37.0784 4968 p2psvc - ok

21:01:37.0814 4968 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

21:01:37.0824 4968 Parport - ok

21:01:37.0854 4968 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

21:01:37.0884 4968 partmgr - ok

21:01:37.0894 4968 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

21:01:37.0934 4968 PcaSvc - ok

21:01:37.0974 4968 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

21:01:38.0004 4968 pci - ok

21:01:38.0004 4968 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

21:01:38.0014 4968 pciide - ok

21:01:38.0024 4968 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

21:01:38.0044 4968 pcmcia - ok

21:01:38.0064 4968 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

21:01:38.0074 4968 pcw - ok

21:01:38.0084 4968 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

21:01:38.0124 4968 PEAUTH - ok

21:01:38.0174 4968 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

21:01:38.0214 4968 PerfHost - ok

21:01:38.0314 4968 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

21:01:38.0384 4968 pla - ok

21:01:38.0424 4968 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

21:01:38.0484 4968 PlugPlay - ok

21:01:38.0524 4968 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll

21:01:38.0534 4968 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

21:01:38.0534 4968 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

21:01:38.0594 4968 pmxdrv (34bfc6ed31b4e8be940c884b8ac7d9df) C:\Windows\system32\drivers\pmxdrv.sys

21:01:38.0614 4968 pmxdrv - ok

21:01:38.0634 4968 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

21:01:38.0664 4968 PNRPAutoReg - ok

21:01:38.0684 4968 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

21:01:38.0704 4968 PNRPsvc - ok

21:01:38.0744 4968 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

21:01:38.0834 4968 PolicyAgent - ok

21:01:38.0874 4968 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

21:01:38.0914 4968 Power - ok

21:01:38.0954 4968 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

21:01:39.0024 4968 PptpMiniport - ok

21:01:39.0044 4968 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

21:01:39.0084 4968 Processor - ok

21:01:39.0114 4968 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

21:01:39.0144 4968 ProfSvc - ok

21:01:39.0184 4968 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:01:39.0204 4968 ProtectedStorage - ok

21:01:39.0244 4968 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

21:01:39.0284 4968 Psched - ok

21:01:39.0294 4968 pssPCI - ok

21:01:39.0334 4968 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

21:01:39.0354 4968 PxHlpa64 - ok

21:01:39.0434 4968 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

21:01:39.0504 4968 ql2300 - ok

21:01:39.0614 4968 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

21:01:39.0634 4968 ql40xx - ok

21:01:39.0674 4968 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

21:01:39.0704 4968 QWAVE - ok

21:01:39.0704 4968 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

21:01:39.0734 4968 QWAVEdrv - ok

21:01:39.0794 4968 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll

21:01:39.0814 4968 RapiMgr - ok

21:01:39.0814 4968 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

21:01:39.0844 4968 RasAcd - ok

21:01:39.0874 4968 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

21:01:39.0914 4968 RasAgileVpn - ok

21:01:39.0924 4968 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

21:01:39.0964 4968 RasAuto - ok

21:01:39.0994 4968 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

21:01:40.0024 4968 Rasl2tp - ok

21:01:40.0044 4968 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

21:01:40.0074 4968 RasMan - ok

21:01:40.0084 4968 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

21:01:40.0124 4968 RasPppoe - ok

21:01:40.0134 4968 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

21:01:40.0174 4968 RasSstp - ok

21:01:40.0214 4968 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

21:01:40.0294 4968 rdbss - ok

21:01:40.0294 4968 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

21:01:40.0304 4968 rdpbus - ok

21:01:40.0324 4968 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:01:40.0354 4968 RDPCDD - ok

21:01:40.0374 4968 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

21:01:40.0404 4968 RDPENCDD - ok

21:01:40.0414 4968 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

21:01:40.0444 4968 RDPREFMP - ok

21:01:40.0474 4968 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

21:01:40.0534 4968 RDPWD - ok

21:01:40.0554 4968 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

21:01:40.0564 4968 rdyboost - ok

21:01:40.0594 4968 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

21:01:40.0634 4968 RemoteAccess - ok

21:01:40.0664 4968 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

21:01:40.0724 4968 RemoteRegistry - ok

21:01:40.0874 4968 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

21:01:40.0904 4968 RoxMediaDB10 - ok

21:01:40.0924 4968 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

21:01:40.0964 4968 RpcEptMapper - ok

21:01:40.0974 4968 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

21:01:40.0994 4968 RpcLocator - ok

21:01:41.0064 4968 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

21:01:41.0084 4968 RpcSs - ok

21:01:41.0144 4968 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys

21:01:41.0164 4968 RsFx0103 - ok

21:01:41.0204 4968 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

21:01:41.0224 4968 rspndr - ok

21:01:41.0224 4968 RxFilter - ok

21:01:41.0264 4968 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:01:41.0274 4968 SamSs - ok

21:01:41.0304 4968 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

21:01:41.0354 4968 sbp2port - ok

21:01:41.0394 4968 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

21:01:41.0444 4968 SCardSvr - ok

21:01:41.0474 4968 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

21:01:41.0524 4968 scfilter - ok

21:01:41.0564 4968 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

21:01:41.0594 4968 Schedule - ok

21:01:41.0624 4968 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

21:01:41.0654 4968 SCPolicySvc - ok

21:01:41.0664 4968 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

21:01:41.0714 4968 SDRSVC - ok

21:01:41.0834 4968 SDScannerService (e1f35f902b825c7b18236271f398dda2) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

21:01:41.0864 4968 SDScannerService - ok

21:01:41.0924 4968 SDUpdateService (2db434f4ce96b3fb65d44b3ad5a4de3e) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

21:01:41.0944 4968 SDUpdateService - ok

21:01:41.0954 4968 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

21:01:41.0964 4968 SDWSCService - ok

21:01:42.0044 4968 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

21:01:42.0074 4968 SeaPort - ok

21:01:42.0184 4968 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

21:01:42.0224 4968 secdrv - ok

21:01:42.0234 4968 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

21:01:42.0264 4968 seclogon - ok

21:01:42.0304 4968 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

21:01:42.0344 4968 SENS - ok

21:01:42.0364 4968 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

21:01:42.0414 4968 SensrSvc - ok

21:01:42.0444 4968 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

21:01:42.0474 4968 Serenum - ok

21:01:42.0484 4968 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

21:01:42.0494 4968 Serial - ok

21:01:42.0514 4968 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

21:01:42.0524 4968 sermouse - ok

21:01:42.0564 4968 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

21:01:42.0624 4968 SessionEnv - ok

21:01:42.0634 4968 SessionLauncher - ok

21:01:42.0664 4968 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

21:01:42.0714 4968 sffdisk - ok

21:01:42.0724 4968 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

21:01:42.0734 4968 sffp_mmc - ok

21:01:42.0734 4968 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

21:01:42.0754 4968 sffp_sd - ok

21:01:42.0754 4968 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

21:01:42.0794 4968 sfloppy - ok

21:01:42.0814 4968 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

21:01:42.0844 4968 SharedAccess - ok

21:01:42.0864 4968 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

21:01:42.0894 4968 ShellHWDetection - ok

21:01:42.0904 4968 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:01:42.0914 4968 SiSRaid2 - ok

21:01:42.0924 4968 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

21:01:42.0934 4968 SiSRaid4 - ok

21:01:43.0004 4968 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe

21:01:45.0304 4968 SkypeUpdate - ok

21:01:45.0314 4968 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

21:01:45.0344 4968 Smb - ok

21:01:45.0504 4968 SMSv3_0_2hs (4787ea164e01cafbf5da384b6edc9fc5) C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\Service\JavaSrvc.exe

21:01:45.0534 4968 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - warning

21:01:45.0534 4968 SMSv3_0_2hs - detected UnsignedFile.Multi.Generic (1)

21:01:45.0644 4968 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

21:01:45.0674 4968 SNMPTRAP - ok

21:01:45.0874 4968 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

21:01:45.0894 4968 spldr - ok

21:01:45.0934 4968 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

21:01:46.0014 4968 Spooler - ok

21:01:46.0144 4968 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

21:01:46.0224 4968 sppsvc - ok

21:01:46.0304 4968 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

21:01:46.0354 4968 sppuinotify - ok

21:01:46.0474 4968 SQLAgent$SQLEXPRESS (a5609d0178b2fec118a7f4a24ecd1bfb) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

21:01:46.0534 4968 SQLAgent$SQLEXPRESS - ok

21:01:46.0614 4968 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

21:01:46.0634 4968 SQLBrowser - ok

21:01:46.0704 4968 SQLWriter (c298d989d717cb153702e397b6d9aaad) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

21:01:46.0724 4968 SQLWriter - ok

21:01:46.0784 4968 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

21:01:46.0814 4968 srv - ok

21:01:46.0824 4968 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

21:01:46.0854 4968 srv2 - ok

21:01:46.0864 4968 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

21:01:46.0884 4968 srvnet - ok

21:01:46.0934 4968 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

21:01:46.0994 4968 SSDPSRV - ok

21:01:47.0014 4968 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

21:01:47.0044 4968 SstpSvc - ok

21:01:47.0094 4968 Steam Client Service - ok

21:01:47.0194 4968 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

21:01:47.0224 4968 Stereo Service - ok

21:01:47.0254 4968 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

21:01:47.0284 4968 stexstor - ok

21:01:47.0294 4968 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys

21:01:47.0334 4968 StillCam - ok

21:01:47.0394 4968 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

21:01:47.0434 4968 stisvc - ok

21:01:47.0474 4968 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

21:01:47.0484 4968 stllssvr - ok

21:01:47.0504 4968 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

21:01:47.0514 4968 swenum - ok

21:01:47.0544 4968 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

21:01:47.0604 4968 swprv - ok

21:01:47.0664 4968 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

21:01:47.0744 4968 SysMain - ok

21:01:47.0814 4968 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

21:01:47.0854 4968 TabletInputService - ok

21:01:47.0874 4968 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

21:01:47.0934 4968 TapiSrv - ok

21:01:47.0944 4968 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

21:01:47.0964 4968 TBS - ok

21:01:48.0064 4968 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

21:01:48.0134 4968 Tcpip - ok

21:01:48.0244 4968 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

21:01:48.0264 4968 TCPIP6 - ok

21:01:48.0344 4968 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

21:01:48.0394 4968 tcpipreg - ok

21:01:48.0434 4968 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

21:01:48.0464 4968 TDPIPE - ok

21:01:48.0504 4968 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

21:01:48.0534 4968 TDTCP - ok

21:01:48.0564 4968 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

21:01:48.0604 4968 tdx - ok

21:01:48.0644 4968 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

21:01:48.0664 4968 TermDD - ok

21:01:48.0684 4968 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

21:01:48.0714 4968 TermService - ok

21:01:48.0724 4968 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

21:01:48.0754 4968 Themes - ok

21:01:48.0794 4968 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

21:01:48.0824 4968 THREADORDER - ok

21:01:48.0844 4968 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

21:01:48.0874 4968 TrkWks - ok

21:01:48.0934 4968 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

21:01:48.0974 4968 TrustedInstaller - ok

21:01:49.0004 4968 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

21:01:49.0064 4968 tssecsrv - ok

21:01:49.0084 4968 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

21:01:49.0104 4968 TsUsbFlt - ok

21:01:49.0154 4968 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

21:01:49.0254 4968 tunnel - ok

21:01:49.0304 4968 TurboB (f37d49111a12a97de4bb5d8ff444bd2c) C:\Windows\system32\DRIVERS\TurboB.sys

21:01:49.0374 4968 TurboB - ok

21:01:49.0474 4968 TurboBoost (44d81b1bfd2428274bba98316d9606dc) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

21:01:49.0494 4968 TurboBoost - ok

21:01:49.0534 4968 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

21:01:49.0554 4968 uagp35 - ok

21:01:49.0574 4968 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

21:01:49.0634 4968 udfs - ok

21:01:49.0664 4968 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

21:01:49.0674 4968 UI0Detect - ok

21:01:49.0704 4968 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

21:01:49.0714 4968 uliagpkx - ok

21:01:49.0764 4968 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

21:01:49.0794 4968 umbus - ok

21:01:49.0824 4968 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

21:01:49.0854 4968 UmPass - ok

21:01:49.0964 4968 UMVPFSrv (8b802b483cbde06f62dbc04dc7afaf8e) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

21:01:50.0024 4968 UMVPFSrv - ok

21:01:50.0064 4968 UpdateCenterService - ok

21:01:50.0094 4968 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

21:01:50.0144 4968 upnphost - ok

21:01:50.0174 4968 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

21:01:50.0184 4968 usbaudio - ok

21:01:50.0214 4968 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

21:01:50.0294 4968 usbccgp - ok

21:01:50.0314 4968 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

21:01:50.0324 4968 usbcir - ok

21:01:50.0344 4968 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

21:01:50.0364 4968 usbehci - ok

21:01:50.0394 4968 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

21:01:50.0434 4968 usbhub - ok

21:01:50.0454 4968 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

21:01:50.0524 4968 usbohci - ok

21:01:50.0554 4968 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

21:01:50.0594 4968 usbprint - ok

21:01:50.0624 4968 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:01:50.0684 4968 USBSTOR - ok

21:01:50.0684 4968 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

21:01:50.0734 4968 usbuhci - ok

21:01:50.0784 4968 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys

21:01:50.0804 4968 usb_rndisx - ok

21:01:50.0834 4968 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

21:01:50.0864 4968 UxSms - ok

21:01:50.0934 4968 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:01:50.0954 4968 VaultSvc - ok

21:01:51.0054 4968 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

21:01:51.0094 4968 vdrvroot - ok

21:01:51.0134 4968 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

21:01:51.0194 4968 vds - ok

21:01:51.0194 4968 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

21:01:51.0204 4968 vga - ok

21:01:51.0234 4968 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

21:01:51.0284 4968 VgaSave - ok

21:01:51.0294 4968 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

21:01:51.0344 4968 vhdmp - ok

21:01:51.0364 4968 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

21:01:51.0374 4968 viaide - ok

21:01:51.0424 4968 vmm (21c96aa588d3993191761a08dbaabb15) C:\Windows\system32\Drivers\vmm.sys

21:01:51.0454 4968 vmm - ok

21:01:51.0454 4968 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

21:01:51.0464 4968 volmgr - ok

21:01:51.0504 4968 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

21:01:51.0524 4968 volmgrx - ok

21:01:51.0544 4968 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

21:01:51.0554 4968 volsnap - ok

21:01:51.0564 4968 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

21:01:51.0584 4968 vsmraid - ok

21:01:51.0664 4968 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

21:01:51.0724 4968 VSS - ok

21:01:51.0834 4968 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

21:01:51.0874 4968 vwifibus - ok

21:01:51.0894 4968 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

21:01:51.0944 4968 W32Time - ok

21:01:51.0944 4968 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

21:01:51.0964 4968 WacomPen - ok

21:01:51.0974 4968 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

21:01:52.0034 4968 WANARP - ok

21:01:52.0034 4968 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

21:01:52.0054 4968 Wanarpv6 - ok

21:01:52.0124 4968 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

21:01:52.0174 4968 WatAdminSvc - ok

21:01:52.0234 4968 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

21:01:52.0304 4968 wbengine - ok

21:01:52.0344 4968 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

21:01:52.0384 4968 WbioSrvc - ok

21:01:52.0464 4968 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll

21:01:52.0494 4968 WcesComm - ok

21:01:52.0524 4968 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

21:01:52.0554 4968 wcncsvc - ok

21:01:52.0574 4968 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

21:01:52.0634 4968 WcsPlugInService - ok

21:01:52.0674 4968 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

21:01:52.0694 4968 Wd - ok

21:01:52.0724 4968 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

21:01:52.0734 4968 Wdf01000 - ok

21:01:52.0744 4968 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

21:01:52.0834 4968 WdiServiceHost - ok

21:01:52.0834 4968 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

21:01:52.0864 4968 WdiSystemHost - ok

21:01:52.0914 4968 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

21:01:52.0954 4968 WebClient - ok

21:01:52.0974 4968 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

21:01:53.0024 4968 Wecsvc - ok

21:01:53.0034 4968 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

21:01:53.0074 4968 wercplsupport - ok

21:01:53.0094 4968 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

21:01:53.0124 4968 WerSvc - ok

21:01:53.0164 4968 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

21:01:53.0204 4968 WfpLwf - ok

21:01:53.0204 4968 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

21:01:53.0214 4968 WIMMount - ok

21:01:53.0264 4968 WinDefend - ok

21:01:53.0274 4968 WinHttpAutoProxySvc - ok

21:01:53.0324 4968 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

21:01:53.0364 4968 Winmgmt - ok

21:01:53.0444 4968 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

21:01:53.0514 4968 WinRM - ok

21:01:53.0584 4968 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

21:01:53.0664 4968 WinUsb - ok

21:01:53.0694 4968 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

21:01:53.0714 4968 Wlansvc - ok

21:01:53.0804 4968 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

21:01:53.0824 4968 wlcrasvc - ok

21:01:53.0934 4968 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:01:53.0964 4968 wlidsvc - ok

21:01:54.0004 4968 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

21:01:54.0024 4968 WmiAcpi - ok

21:01:54.0104 4968 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

21:01:54.0134 4968 wmiApSrv - ok

21:01:54.0154 4968 WMPNetworkSvc - ok

21:01:54.0164 4968 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

21:01:54.0194 4968 WPCSvc - ok

21:01:54.0224 4968 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

21:01:54.0244 4968 WPDBusEnum - ok

21:01:54.0274 4968 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

21:01:54.0334 4968 ws2ifsl - ok

21:01:54.0354 4968 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

21:01:54.0394 4968 wscsvc - ok

21:01:54.0444 4968 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys

21:01:54.0484 4968 WSDPrintDevice - ok

21:01:54.0484 4968 WSearch - ok

21:01:54.0584 4968 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

21:01:54.0664 4968 wuauserv - ok

21:01:54.0764 4968 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

21:01:54.0824 4968 WudfPf - ok

21:01:54.0844 4968 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

21:01:54.0884 4968 WUDFRd - ok

21:01:54.0914 4968 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

21:01:54.0934 4968 wudfsvc - ok

21:01:54.0954 4968 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

21:01:54.0994 4968 WwanSvc - ok

21:01:55.0014 4968 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0

21:01:55.0214 4968 \Device\Harddisk0\DR0 - ok

21:01:59.0914 4968 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR7

21:02:00.0054 4968 \Device\Harddisk5\DR7 - ok

21:02:00.0054 4968 Boot (0x1200) (a5c682221bb3be9ca89446427c662f59) \Device\Harddisk0\DR0\Partition0

21:02:00.0064 4968 \Device\Harddisk0\DR0\Partition0 - ok

21:02:00.0084 4968 Boot (0x1200) (78d9b7da3fb3aea9283e388faf2c2666) \Device\Harddisk0\DR0\Partition1

21:02:00.0084 4968 \Device\Harddisk0\DR0\Partition1 - ok

21:02:00.0134 4968 Boot (0x1200) (965458fc126dd2778950c2001965740a) \Device\Harddisk5\DR7\Partition0

21:02:00.0144 4968 \Device\Harddisk5\DR7\Partition0 - ok

21:02:00.0144 4968 ============================================================

21:02:00.0144 4968 Scan finished

21:02:00.0144 4968 ============================================================

21:02:00.0154 6408 Detected object count: 7

21:02:00.0154 6408 Actual detected object count: 7

21:02:43.0394 6408 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user

21:02:43.0394 6408 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:02:43.0394 6408 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user

21:02:43.0394 6408 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:02:43.0394 6408 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user

21:02:43.0394 6408 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:02:43.0404 6408 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

21:02:43.0404 6408 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:02:43.0404 6408 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

21:02:43.0404 6408 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:02:43.0404 6408 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

21:02:43.0404 6408 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:02:43.0404 6408 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - skipped by user

21:02:43.0404 6408 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:03:36.0524 10200 ============================================================

21:03:36.0524 10200 Scan started

21:03:36.0524 10200 Mode: Manual; SigCheck; TDLFS;

21:03:36.0524 10200 ============================================================

21:03:36.0854 10200 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

21:03:36.0874 10200 1394ohci - ok

21:03:36.0904 10200 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys

21:03:36.0934 10200 61883 - ok

21:03:36.0974 10200 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

21:03:36.0994 10200 ACPI - ok

21:03:37.0024 10200 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

21:03:37.0044 10200 AcpiPmi - ok

21:03:37.0164 10200 AdobeActiveFileMonitor9.0 (c004f38974f4d321b4c20a240e1175c0) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

21:03:37.0194 10200 AdobeActiveFileMonitor9.0 - ok

21:03:37.0254 10200 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

21:03:37.0264 10200 AdobeARMservice - ok

21:03:37.0374 10200 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

21:03:37.0394 10200 AdobeFlashPlayerUpdateSvc - ok

21:03:37.0434 10200 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

21:03:37.0454 10200 adp94xx - ok

21:03:37.0454 10200 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

21:03:37.0474 10200 adpahci - ok

21:03:37.0484 10200 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

21:03:37.0494 10200 adpu320 - ok

21:03:37.0534 10200 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

21:03:37.0574 10200 AeLookupSvc - ok

21:03:37.0594 10200 AERTFilters (3ac22a3dfa8a050e35f0e3cd99d0cdf2) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

21:03:37.0604 10200 AERTFilters - ok

21:03:37.0654 10200 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

21:03:37.0684 10200 AFD - ok

21:03:37.0714 10200 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

21:03:37.0744 10200 agp440 - ok

21:03:37.0744 10200 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

21:03:37.0764 10200 ALG - ok

21:03:37.0774 10200 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

21:03:37.0784 10200 aliide - ok

21:03:37.0844 10200 ALSysIO - ok

21:03:37.0904 10200 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

21:03:37.0934 10200 amdide - ok

21:03:37.0934 10200 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

21:03:37.0954 10200 AmdK8 - ok

21:03:37.0954 10200 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

21:03:37.0974 10200 AmdPPM - ok

21:03:37.0994 10200 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

21:03:38.0044 10200 amdsata - ok

21:03:38.0054 10200 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

21:03:38.0064 10200 amdsbs - ok

21:03:38.0094 10200 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

21:03:38.0114 10200 amdxata - ok

21:03:38.0144 10200 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

21:03:38.0234 10200 AppID - ok

21:03:38.0244 10200 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

21:03:38.0274 10200 AppIDSvc - ok

21:03:38.0314 10200 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

21:03:38.0374 10200 Appinfo - ok

21:03:38.0384 10200 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

21:03:38.0394 10200 arc - ok

21:03:38.0394 10200 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

21:03:38.0404 10200 arcsas - ok

21:03:38.0484 10200 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

21:03:38.0504 10200 aspnet_state - ok

21:03:38.0514 10200 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

21:03:38.0564 10200 AsyncMac - ok

21:03:38.0594 10200 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

21:03:38.0604 10200 atapi - ok

21:03:38.0654 10200 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

21:03:38.0694 10200 AudioEndpointBuilder - ok

21:03:38.0694 10200 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

21:03:38.0724 10200 AudioSrv - ok

21:03:38.0754 10200 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys

21:03:38.0774 10200 Avc - ok

21:03:38.0804 10200 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

21:03:38.0824 10200 AxInstSV - ok

21:03:38.0844 10200 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

21:03:38.0854 10200 b06bdrv - ok

21:03:38.0874 10200 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

21:03:38.0884 10200 b57nd60a - ok

21:03:38.0924 10200 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

21:03:38.0954 10200 BDESVC - ok

21:03:38.0964 10200 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

21:03:39.0024 10200 Beep - ok

21:03:39.0054 10200 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

21:03:39.0084 10200 BFE - ok

21:03:39.0124 10200 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

21:03:39.0174 10200 BITS - ok

21:03:39.0204 10200 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

21:03:39.0214 10200 blbdrive - ok

21:03:39.0254 10200 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

21:03:39.0274 10200 bowser - ok

21:03:39.0284 10200 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

21:03:39.0304 10200 BrFiltLo - ok

21:03:39.0314 10200 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

21:03:39.0334 10200 BrFiltUp - ok

21:03:39.0364 10200 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

21:03:39.0404 10200 Browser - ok

21:03:39.0414 10200 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

21:03:39.0424 10200 Brserid - ok

21:03:39.0434 10200 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

21:03:39.0444 10200 BrSerWdm - ok

21:03:39.0454 10200 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

21:03:39.0474 10200 BrUsbMdm - ok

21:03:39.0474 10200 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

21:03:39.0484 10200 BrUsbSer - ok

21:03:39.0494 10200 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

21:03:39.0514 10200 BTHMODEM - ok

21:03:39.0514 10200 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

21:03:39.0544 10200 bthserv - ok

21:03:39.0554 10200 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

21:03:39.0574 10200 cdfs - ok

21:03:39.0614 10200 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

21:03:39.0654 10200 cdrom - ok

21:03:39.0674 10200 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

21:03:39.0694 10200 CertPropSvc - ok

21:03:39.0734 10200 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys

21:03:39.0744 10200 cfwids - ok

21:03:39.0744 10200 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

21:03:39.0754 10200 circlass - ok

21:03:39.0784 10200 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

21:03:39.0794 10200 CLFS - ok

21:03:39.0874 10200 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:03:39.0894 10200 clr_optimization_v2.0.50727_32 - ok

21:03:39.0934 10200 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:03:39.0954 10200 clr_optimization_v2.0.50727_64 - ok

Link to post
Share on other sites

Post 2/4 (Cont. TDSS, Malwarebytes)

21:03:40.0024 10200 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:03:40.0044 10200 clr_optimization_v4.0.30319_32 - ok

21:03:40.0074 10200 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:03:40.0084 10200 clr_optimization_v4.0.30319_64 - ok

21:03:40.0084 10200 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

21:03:40.0094 10200 CmBatt - ok

21:03:40.0134 10200 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

21:03:40.0144 10200 cmdide - ok

21:03:40.0184 10200 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

21:03:40.0224 10200 CNG - ok

21:03:40.0234 10200 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

21:03:40.0244 10200 Compbatt - ok

21:03:40.0274 10200 CompFilter64 (11cc395d18ff03e95e8c6a149c84c91b) C:\Windows\system32\DRIVERS\lvbflt64.sys

21:03:40.0284 10200 CompFilter64 - ok

21:03:40.0314 10200 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

21:03:40.0344 10200 CompositeBus - ok

21:03:40.0344 10200 COMSysApp - ok

21:03:40.0424 10200 cpuz135 - ok

21:03:40.0484 10200 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

21:03:40.0504 10200 crcdisk - ok

21:03:40.0534 10200 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

21:03:40.0564 10200 CryptSvc - ok

21:03:40.0614 10200 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

21:03:40.0644 10200 DcomLaunch - ok

21:03:40.0674 10200 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

21:03:40.0704 10200 defragsvc - ok

21:03:40.0734 10200 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

21:03:40.0774 10200 DfsC - ok

21:03:40.0784 10200 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

21:03:40.0814 10200 Dhcp - ok

21:03:40.0824 10200 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

21:03:40.0844 10200 discache - ok

21:03:40.0854 10200 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

21:03:40.0864 10200 Disk - ok

21:03:40.0904 10200 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

21:03:40.0914 10200 Dnscache - ok

21:03:40.0944 10200 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

21:03:41.0014 10200 dot3svc - ok

21:03:41.0054 10200 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

21:03:41.0084 10200 DPS - ok

21:03:41.0104 10200 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

21:03:41.0124 10200 drmkaud - ok

21:03:41.0144 10200 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

21:03:41.0164 10200 DXGKrnl - ok

21:03:41.0204 10200 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

21:03:41.0254 10200 EapHost - ok

21:03:41.0334 10200 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

21:03:41.0374 10200 ebdrv - ok

21:03:41.0474 10200 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

21:03:41.0494 10200 EFS - ok

21:03:41.0534 10200 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

21:03:41.0594 10200 ehRecvr - ok

21:03:41.0634 10200 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

21:03:41.0654 10200 ehSched - ok

21:03:41.0694 10200 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

21:03:41.0734 10200 elxstor - ok

21:03:41.0754 10200 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

21:03:41.0774 10200 ErrDev - ok

21:03:41.0804 10200 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

21:03:41.0834 10200 EventSystem - ok

21:03:41.0834 10200 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

21:03:41.0864 10200 exfat - ok

21:03:41.0874 10200 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

21:03:41.0904 10200 fastfat - ok

21:03:41.0954 10200 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

21:03:41.0984 10200 Fax - ok

21:03:41.0984 10200 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

21:03:42.0004 10200 fdc - ok

21:03:42.0024 10200 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

21:03:42.0054 10200 fdPHost - ok

21:03:42.0064 10200 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

21:03:42.0084 10200 FDResPub - ok

21:03:42.0094 10200 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

21:03:42.0104 10200 FileInfo - ok

21:03:42.0144 10200 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

21:03:42.0184 10200 Filetrace - ok

21:03:42.0194 10200 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

21:03:42.0204 10200 flpydisk - ok

21:03:42.0234 10200 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

21:03:42.0264 10200 FltMgr - ok

21:03:42.0314 10200 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

21:03:42.0344 10200 FontCache - ok

21:03:42.0394 10200 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:03:42.0414 10200 FontCache3.0.0.0 - ok

21:03:42.0424 10200 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

21:03:42.0434 10200 FsDepends - ok

21:03:42.0464 10200 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys

21:03:42.0504 10200 fssfltr - ok

21:03:42.0664 10200 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

21:03:42.0694 10200 fsssvc - ok

21:03:42.0744 10200 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

21:03:42.0814 10200 Fs_Rec - ok

21:03:42.0844 10200 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

21:03:42.0874 10200 fvevol - ok

21:03:42.0884 10200 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

21:03:42.0894 10200 gagp30kx - ok

21:03:42.0954 10200 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

21:03:42.0984 10200 gpsvc - ok

21:03:43.0024 10200 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:03:43.0044 10200 gupdate - ok

21:03:43.0044 10200 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:03:43.0054 10200 gupdatem - ok

21:03:43.0064 10200 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

21:03:43.0074 10200 hcw85cir - ok

21:03:43.0104 10200 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

21:03:43.0124 10200 HDAudBus - ok

21:03:43.0134 10200 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

21:03:43.0144 10200 HidBatt - ok

21:03:43.0154 10200 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

21:03:43.0164 10200 HidBth - ok

21:03:43.0164 10200 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

21:03:43.0184 10200 HidIr - ok

21:03:43.0214 10200 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

21:03:43.0234 10200 hidserv - ok

21:03:43.0244 10200 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

21:03:43.0254 10200 HidUsb - ok

21:03:43.0284 10200 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

21:03:43.0354 10200 hkmsvc - ok

21:03:43.0364 10200 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

21:03:43.0404 10200 HomeGroupListener - ok

21:03:43.0414 10200 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

21:03:43.0424 10200 HomeGroupProvider - ok

21:03:43.0534 10200 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

21:03:43.0544 10200 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

21:03:43.0544 10200 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

21:03:43.0554 10200 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

21:03:43.0564 10200 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

21:03:43.0564 10200 hpqddsvc - detected UnsignedFile.Multi.Generic (1)

21:03:43.0584 10200 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

21:03:43.0604 10200 HpSAMD - ok

21:03:43.0674 10200 HPSLPSVC (d972f48d0ce396759b788693cd665926) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

21:03:43.0704 10200 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning

21:03:43.0704 10200 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)

21:03:43.0754 10200 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

21:03:43.0794 10200 HTTP - ok

21:03:43.0824 10200 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

21:03:43.0884 10200 hwpolicy - ok

21:03:43.0924 10200 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

21:03:43.0954 10200 i8042prt - ok

21:03:43.0994 10200 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys

21:03:44.0014 10200 iaStor - ok

21:03:44.0044 10200 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

21:03:44.0104 10200 iaStorV - ok

21:03:44.0184 10200 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

21:03:44.0184 10200 IDriverT ( UnsignedFile.Multi.Generic ) - warning

21:03:44.0184 10200 IDriverT - detected UnsignedFile.Multi.Generic (1)

21:03:44.0274 10200 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:03:44.0314 10200 idsvc - ok

21:03:44.0364 10200 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

21:03:44.0394 10200 iirsp - ok

21:03:44.0414 10200 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

21:03:44.0454 10200 IKEEXT - ok

21:03:44.0524 10200 IntcAzAudAddService (d42d651676883181400e22957a7e0b1e) C:\Windows\system32\drivers\RTKVHD64.sys

21:03:44.0584 10200 IntcAzAudAddService - ok

21:03:44.0654 10200 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

21:03:44.0674 10200 intelide - ok

21:03:44.0684 10200 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

21:03:44.0694 10200 intelppm - ok

21:03:44.0724 10200 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

21:03:44.0774 10200 IPBusEnum - ok

21:03:44.0794 10200 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:03:44.0854 10200 IpFilterDriver - ok

21:03:44.0874 10200 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

21:03:44.0904 10200 iphlpsvc - ok

21:03:44.0924 10200 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

21:03:44.0934 10200 IPMIDRV - ok

21:03:44.0944 10200 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

21:03:44.0964 10200 IPNAT - ok

21:03:44.0994 10200 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

21:03:45.0014 10200 IRENUM - ok

21:03:45.0034 10200 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

21:03:45.0044 10200 isapnp - ok

21:03:45.0054 10200 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

21:03:45.0104 10200 iScsiPrt - ok

21:03:45.0144 10200 k57nd60a (249ee2d26cb1530f3bede0ac8b9e3099) C:\Windows\system32\DRIVERS\k57nd60a.sys

21:03:45.0164 10200 k57nd60a - ok

21:03:45.0184 10200 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

21:03:45.0204 10200 kbdclass - ok

21:03:45.0214 10200 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

21:03:45.0254 10200 kbdhid - ok

21:03:45.0294 10200 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:03:45.0314 10200 KeyIso - ok

21:03:45.0334 10200 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

21:03:45.0344 10200 KSecDD - ok

21:03:45.0354 10200 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

21:03:45.0364 10200 KSecPkg - ok

21:03:45.0374 10200 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

21:03:45.0394 10200 ksthunk - ok

21:03:45.0434 10200 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

21:03:45.0464 10200 KtmRm - ok

21:03:45.0484 10200 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

21:03:45.0514 10200 LanmanServer - ok

21:03:45.0554 10200 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

21:03:45.0584 10200 LanmanWorkstation - ok

21:03:45.0594 10200 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

21:03:45.0624 10200 lltdio - ok

21:03:45.0644 10200 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

21:03:45.0664 10200 lltdsvc - ok

21:03:45.0674 10200 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

21:03:45.0704 10200 lmhosts - ok

21:03:45.0714 10200 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

21:03:45.0724 10200 LSI_FC - ok

21:03:45.0724 10200 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

21:03:45.0734 10200 LSI_SAS - ok

21:03:45.0744 10200 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

21:03:45.0754 10200 LSI_SAS2 - ok

21:03:45.0754 10200 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

21:03:45.0764 10200 LSI_SCSI - ok

21:03:45.0784 10200 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

21:03:45.0804 10200 luafv - ok

21:03:45.0844 10200 LVRS64 (ef586b959f747e74c76603ff16ae417b) C:\Windows\system32\DRIVERS\lvrs64.sys

21:03:45.0864 10200 LVRS64 - ok

21:03:45.0994 10200 LVUVC64 (edf73bfa1bd24d74d1d64dc0ed28a7cd) C:\Windows\system32\DRIVERS\lvuvc64.sys

21:03:46.0044 10200 LVUVC64 - ok

21:03:46.0174 10200 McAfee SiteAdvisor Service (be8c524313db75fa26fb2b0c0aaff88e) c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe

21:03:46.0234 10200 McAfee SiteAdvisor Service - ok

21:03:46.0344 10200 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:03:46.0364 10200 McMPFSvc - ok

21:03:46.0374 10200 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:03:46.0384 10200 mcmscsvc - ok

21:03:46.0384 10200 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:03:46.0394 10200 McNaiAnn - ok

21:03:46.0404 10200 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:03:46.0414 10200 McNASvc - ok

21:03:46.0454 10200 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe

21:03:46.0484 10200 McODS - ok

21:03:46.0484 10200 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:03:46.0504 10200 McOobeSv - ok

21:03:46.0504 10200 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:03:46.0514 10200 McProxy - ok

21:03:46.0574 10200 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

21:03:46.0624 10200 McShield - ok

21:03:46.0714 10200 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

21:03:46.0744 10200 Mcx2Svc - ok

21:03:46.0784 10200 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

21:03:46.0804 10200 megasas - ok

21:03:46.0804 10200 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

21:03:46.0824 10200 MegaSR - ok

21:03:46.0864 10200 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys

21:03:46.0884 10200 mfeapfk - ok

21:03:46.0924 10200 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys

21:03:46.0944 10200 mfeavfk - ok

21:03:46.0944 10200 mfeavfk01 - ok

21:03:46.0974 10200 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

21:03:46.0984 10200 mfefire - ok

21:03:47.0014 10200 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys

21:03:47.0044 10200 mfefirek - ok

21:03:47.0094 10200 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys

21:03:47.0124 10200 mfehidk - ok

21:03:47.0144 10200 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys

21:03:47.0184 10200 mfenlfk - ok

21:03:47.0214 10200 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys

21:03:47.0224 10200 mferkdet - ok

21:03:47.0264 10200 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe

21:03:47.0344 10200 mfevtp - ok

21:03:47.0354 10200 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys

21:03:47.0374 10200 mfewfpk - ok

21:03:47.0394 10200 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

21:03:47.0444 10200 MMCSS - ok

21:03:47.0444 10200 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

21:03:47.0474 10200 Modem - ok

21:03:47.0484 10200 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

21:03:47.0494 10200 monitor - ok

21:03:47.0534 10200 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

21:03:47.0554 10200 mouclass - ok

21:03:47.0554 10200 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

21:03:47.0564 10200 mouhid - ok

21:03:47.0604 10200 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

21:03:47.0634 10200 mountmgr - ok

21:03:47.0704 10200 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

21:03:47.0714 10200 MozillaMaintenance - ok

21:03:47.0724 10200 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

21:03:47.0734 10200 mpio - ok

21:03:47.0744 10200 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

21:03:47.0774 10200 mpsdrv - ok

21:03:47.0814 10200 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

21:03:47.0864 10200 MpsSvc - ok

21:03:47.0894 10200 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

21:03:47.0914 10200 MRxDAV - ok

21:03:47.0944 10200 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

21:03:47.0964 10200 mrxsmb - ok

21:03:48.0004 10200 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:03:48.0024 10200 mrxsmb10 - ok

21:03:48.0064 10200 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:03:48.0084 10200 mrxsmb20 - ok

21:03:48.0104 10200 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

21:03:48.0114 10200 msahci - ok

21:03:48.0124 10200 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

21:03:48.0174 10200 msdsm - ok

21:03:48.0194 10200 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

21:03:48.0204 10200 MSDTC - ok

21:03:48.0234 10200 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys

21:03:48.0264 10200 MSDV - ok

21:03:48.0284 10200 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

21:03:48.0304 10200 Msfs - ok

21:03:48.0314 10200 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

21:03:48.0334 10200 mshidkmdf - ok

21:03:48.0364 10200 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

21:03:48.0384 10200 msisadrv - ok

21:03:48.0424 10200 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

21:03:48.0464 10200 MSiSCSI - ok

21:03:48.0464 10200 msiserver - ok

21:03:48.0624 10200 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:03:48.0654 10200 MSK80Service - ok

21:03:48.0674 10200 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

21:03:48.0724 10200 MSKSSRV - ok

21:03:48.0754 10200 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

21:03:48.0774 10200 MSPCLOCK - ok

21:03:48.0774 10200 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

21:03:48.0804 10200 MSPQM - ok

21:03:48.0834 10200 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

21:03:48.0864 10200 MsRPC - ok

21:03:48.0874 10200 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

21:03:48.0884 10200 mssmbios - ok

21:03:48.0944 10200 MSSQL$SQLEXPRESS - ok

21:03:48.0994 10200 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

21:03:49.0014 10200 MSSQLServerADHelper100 - ok

21:03:49.0024 10200 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

21:03:49.0054 10200 MSTEE - ok

21:03:49.0054 10200 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

21:03:49.0074 10200 MTConfig - ok

21:03:49.0084 10200 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

21:03:49.0094 10200 Mup - ok

21:03:49.0134 10200 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

21:03:49.0154 10200 napagent - ok

21:03:49.0174 10200 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

21:03:49.0194 10200 NativeWifiP - ok

21:03:49.0224 10200 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

21:03:49.0244 10200 NDIS - ok

21:03:49.0254 10200 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

21:03:49.0284 10200 NdisCap - ok

21:03:49.0294 10200 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

21:03:49.0314 10200 NdisTapi - ok

21:03:49.0354 10200 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

21:03:49.0424 10200 Ndisuio - ok

21:03:49.0454 10200 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

21:03:49.0484 10200 NdisWan - ok

21:03:49.0514 10200 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

21:03:49.0544 10200 NDProxy - ok

21:03:49.0574 10200 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll

21:03:49.0574 10200 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

21:03:49.0574 10200 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

21:03:49.0584 10200 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

21:03:49.0614 10200 NetBIOS - ok

21:03:49.0624 10200 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

21:03:49.0644 10200 NetBT - ok

21:03:49.0664 10200 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:03:49.0674 10200 Netlogon - ok

21:03:49.0734 10200 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

21:03:49.0784 10200 Netman - ok

21:03:49.0884 10200 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:03:49.0934 10200 NetMsmqActivator - ok

21:03:49.0934 10200 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:03:49.0984 10200 NetPipeActivator - ok

21:03:50.0004 10200 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

21:03:50.0034 10200 netprofm - ok

21:03:50.0034 10200 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:03:50.0084 10200 NetTcpActivator - ok

21:03:50.0084 10200 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:03:50.0134 10200 NetTcpPortSharing - ok

21:03:50.0134 10200 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

21:03:50.0144 10200 nfrd960 - ok

21:03:50.0164 10200 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

21:03:50.0194 10200 NlaSvc - ok

21:03:50.0204 10200 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

21:03:50.0234 10200 Npfs - ok

21:03:50.0244 10200 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

21:03:50.0274 10200 nsi - ok

21:03:50.0274 10200 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

21:03:50.0304 10200 nsiproxy - ok

21:03:50.0514 10200 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

21:03:50.0544 10200 Ntfs - ok

21:03:50.0594 10200 nTuneService - ok

21:03:50.0654 10200 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

21:03:50.0704 10200 Null - ok

21:03:50.0734 10200 nusb3hub (f5bc2345e8c89d4e90fafd23a2239935) C:\Windows\system32\DRIVERS\nusb3hub.sys

21:03:50.0754 10200 nusb3hub - ok

21:03:50.0764 10200 nusb3xhc (5d42578241bc2a9b4a64837077436d5f) C:\Windows\system32\DRIVERS\nusb3xhc.sys

21:03:50.0804 10200 nusb3xhc - ok

21:03:51.0124 10200 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys

21:03:51.0264 10200 nvlddmkm - ok

21:03:51.0304 10200 nvoclk64 (8c1d181480796d7d3366a9381fd7782d) C:\Windows\system32\DRIVERS\nvoclk64.sys

21:03:51.0384 10200 nvoclk64 - ok

21:03:51.0404 10200 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

21:03:51.0414 10200 nvraid - ok

21:03:51.0424 10200 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

21:03:51.0444 10200 nvstor - ok

21:03:51.0494 10200 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe

21:03:51.0514 10200 nvsvc - ok

21:03:51.0604 10200 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

21:03:51.0634 10200 nvUpdatusService - ok

21:03:51.0704 10200 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

21:03:51.0714 10200 nv_agp - ok

21:03:51.0724 10200 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

21:03:51.0734 10200 ohci1394 - ok

21:03:51.0784 10200 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:03:51.0804 10200 ose - ok

21:03:52.0024 10200 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:03:52.0084 10200 osppsvc - ok

21:03:52.0144 10200 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

21:03:52.0164 10200 p2pimsvc - ok

21:03:52.0184 10200 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

21:03:52.0194 10200 p2psvc - ok

21:03:52.0224 10200 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

21:03:52.0254 10200 Parport - ok

21:03:52.0294 10200 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

21:03:52.0314 10200 partmgr - ok

21:03:52.0324 10200 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

21:03:52.0344 10200 PcaSvc - ok

21:03:52.0364 10200 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

21:03:52.0374 10200 pci - ok

21:03:52.0374 10200 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

21:03:52.0384 10200 pciide - ok

21:03:52.0394 10200 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

21:03:52.0404 10200 pcmcia - ok

21:03:52.0424 10200 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

21:03:52.0434 10200 pcw - ok

21:03:52.0454 10200 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

21:03:52.0484 10200 PEAUTH - ok

21:03:52.0534 10200 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

21:03:52.0554 10200 PerfHost - ok

21:03:52.0654 10200 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

21:03:52.0714 10200 pla - ok

21:03:52.0764 10200 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

21:03:52.0774 10200 PlugPlay - ok

21:03:52.0804 10200 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll

21:03:52.0804 10200 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

21:03:52.0804 10200 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

21:03:52.0844 10200 pmxdrv (34bfc6ed31b4e8be940c884b8ac7d9df) C:\Windows\system32\drivers\pmxdrv.sys

21:03:52.0864 10200 pmxdrv - ok

21:03:52.0894 10200 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

21:03:52.0914 10200 PNRPAutoReg - ok

21:03:52.0934 10200 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

21:03:52.0944 10200 PNRPsvc - ok

21:03:52.0994 10200 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

21:03:53.0044 10200 PolicyAgent - ok

21:03:53.0094 10200 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

21:03:53.0114 10200 Power - ok

21:03:53.0144 10200 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

21:03:53.0204 10200 PptpMiniport - ok

21:03:53.0234 10200 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

21:03:53.0244 10200 Processor - ok

21:03:53.0264 10200 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

21:03:53.0284 10200 ProfSvc - ok

21:03:53.0324 10200 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:03:53.0334 10200 ProtectedStorage - ok

21:03:53.0364 10200 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

21:03:53.0384 10200 Psched - ok

21:03:53.0394 10200 pssPCI - ok

21:03:53.0424 10200 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

21:03:53.0434 10200 PxHlpa64 - ok

21:03:53.0504 10200 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

21:03:53.0534 10200 ql2300 - ok

21:03:53.0594 10200 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

21:03:53.0614 10200 ql40xx - ok

21:03:53.0634 10200 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

21:03:53.0674 10200 QWAVE - ok

21:03:53.0684 10200 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

21:03:53.0694 10200 QWAVEdrv - ok

21:03:53.0734 10200 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll

21:03:53.0764 10200 RapiMgr - ok

21:03:53.0764 10200 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

21:03:53.0794 10200 RasAcd - ok

21:03:53.0824 10200 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

21:03:53.0844 10200 RasAgileVpn - ok

21:03:53.0854 10200 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

21:03:53.0884 10200 RasAuto - ok

21:03:53.0924 10200 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

21:03:53.0944 10200 Rasl2tp - ok

21:03:53.0964 10200 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

21:03:53.0984 10200 RasMan - ok

21:03:54.0004 10200 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

21:03:54.0024 10200 RasPppoe - ok

21:03:54.0034 10200 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

21:03:54.0054 10200 RasSstp - ok

21:03:54.0084 10200 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

21:03:54.0134 10200 rdbss - ok

21:03:54.0134 10200 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

21:03:54.0144 10200 rdpbus - ok

21:03:54.0154 10200 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:03:54.0174 10200 RDPCDD - ok

21:03:54.0184 10200 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

21:03:54.0204 10200 RDPENCDD - ok

21:03:54.0224 10200 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

21:03:54.0244 10200 RDPREFMP - ok

21:03:54.0284 10200 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

21:03:54.0294 10200 RDPWD - ok

21:03:54.0334 10200 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

21:03:54.0364 10200 rdyboost - ok

21:03:54.0384 10200 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

21:03:54.0434 10200 RemoteAccess - ok

21:03:54.0444 10200 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

21:03:54.0474 10200 RemoteRegistry - ok

21:03:54.0624 10200 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

21:03:54.0644 10200 RoxMediaDB10 - ok

21:03:54.0654 10200 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

21:03:54.0684 10200 RpcEptMapper - ok

21:03:54.0684 10200 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

21:03:54.0694 10200 RpcLocator - ok

21:03:54.0734 10200 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

21:03:54.0774 10200 RpcSs - ok

21:03:54.0844 10200 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys

21:03:54.0864 10200 RsFx0103 - ok

21:03:54.0884 10200 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

21:03:54.0904 10200 rspndr - ok

21:03:54.0914 10200 RxFilter - ok

21:03:54.0944 10200 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:03:54.0954 10200 SamSs - ok

21:03:54.0984 10200 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

21:03:55.0064 10200 sbp2port - ok

21:03:55.0074 10200 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

21:03:55.0104 10200 SCardSvr - ok

21:03:55.0134 10200 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

21:03:55.0174 10200 scfilter - ok

21:03:55.0224 10200 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

21:03:55.0264 10200 Schedule - ok

21:03:55.0294 10200 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

21:03:55.0334 10200 SCPolicySvc - ok

21:03:55.0344 10200 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

21:03:55.0384 10200 SDRSVC - ok

21:03:55.0474 10200 SDScannerService (e1f35f902b825c7b18236271f398dda2) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

21:03:55.0504 10200 SDScannerService - ok

21:03:55.0534 10200 SDUpdateService (2db434f4ce96b3fb65d44b3ad5a4de3e) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

21:03:55.0544 10200 SDUpdateService - ok

21:03:55.0554 10200 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

21:03:55.0564 10200 SDWSCService - ok

21:03:55.0624 10200 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

21:03:55.0654 10200 SeaPort - ok

21:03:55.0754 10200 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

21:03:55.0804 10200 secdrv - ok

21:03:55.0814 10200 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

21:03:55.0844 10200 seclogon - ok

21:03:55.0874 10200 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

21:03:55.0904 10200 SENS - ok

21:03:55.0914 10200 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

21:03:55.0924 10200 SensrSvc - ok

21:03:55.0934 10200 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

21:03:55.0944 10200 Serenum - ok

21:03:55.0944 10200 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

21:03:55.0954 10200 Serial - ok

21:03:55.0984 10200 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

21:03:55.0994 10200 sermouse - ok

21:03:56.0024 10200 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

21:03:56.0054 10200 SessionEnv - ok

21:03:56.0064 10200 SessionLauncher - ok

21:03:56.0084 10200 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

21:03:56.0094 10200 sffdisk - ok

21:03:56.0104 10200 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

21:03:56.0114 10200 sffp_mmc - ok

21:03:56.0114 10200 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

21:03:56.0124 10200 sffp_sd - ok

21:03:56.0124 10200 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

21:03:56.0134 10200 sfloppy - ok

21:03:56.0174 10200 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

21:03:56.0204 10200 SharedAccess - ok

21:03:56.0214 10200 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

21:03:56.0244 10200 ShellHWDetection - ok

21:03:56.0244 10200 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:03:56.0254 10200 SiSRaid2 - ok

21:03:56.0264 10200 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

21:03:56.0274 10200 SiSRaid4 - ok

21:03:56.0314 10200 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe

21:03:58.0564 10200 SkypeUpdate - ok

21:03:58.0574 10200 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

21:03:58.0594 10200 Smb - ok

21:03:58.0724 10200 SMSv3_0_2hs (4787ea164e01cafbf5da384b6edc9fc5) C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\Service\JavaSrvc.exe

21:03:58.0734 10200 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - warning

21:03:58.0734 10200 SMSv3_0_2hs - detected UnsignedFile.Multi.Generic (1)

21:03:58.0734 10200 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

21:03:58.0744 10200 SNMPTRAP - ok

21:03:58.0764 10200 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

21:03:58.0774 10200 spldr - ok

21:03:58.0794 10200 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

21:03:58.0854 10200 Spooler - ok

21:03:58.0954 10200 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

21:03:59.0004 10200 sppsvc - ok

21:03:59.0064 10200 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

21:03:59.0094 10200 sppuinotify - ok

21:03:59.0154 10200 SQLAgent$SQLEXPRESS (a5609d0178b2fec118a7f4a24ecd1bfb) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

21:03:59.0204 10200 SQLAgent$SQLEXPRESS - ok

21:03:59.0254 10200 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

21:03:59.0264 10200 SQLBrowser - ok

21:03:59.0324 10200 SQLWriter (c298d989d717cb153702e397b6d9aaad) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

21:03:59.0324 10200 SQLWriter - ok

21:03:59.0374 10200 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

21:03:59.0384 10200 srv - ok

21:03:59.0404 10200 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

21:03:59.0414 10200 srv2 - ok

21:03:59.0424 10200 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

21:03:59.0434 10200 srvnet - ok

21:03:59.0444 10200 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

21:03:59.0474 10200 SSDPSRV - ok

21:03:59.0494 10200 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

21:03:59.0514 10200 SstpSvc - ok

21:03:59.0534 10200 Steam Client Service - ok

21:03:59.0634 10200 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

21:03:59.0664 10200 Stereo Service - ok

21:03:59.0694 10200 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

21:03:59.0724 10200 stexstor - ok

21:03:59.0744 10200 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys

21:03:59.0754 10200 StillCam - ok

21:03:59.0814 10200 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

21:03:59.0854 10200 stisvc - ok

21:03:59.0894 10200 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

21:03:59.0914 10200 stllssvr - ok

21:03:59.0934 10200 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

21:03:59.0944 10200 swenum - ok

21:03:59.0964 10200 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

21:03:59.0994 10200 swprv - ok

21:04:00.0054 10200 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

21:04:00.0084 10200 SysMain - ok

21:04:00.0184 10200 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

21:04:00.0214 10200 TabletInputService - ok

21:04:00.0224 10200 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

21:04:00.0284 10200 TapiSrv - ok

21:04:00.0294 10200 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

21:04:00.0314 10200 TBS - ok

21:04:00.0404 10200 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

21:04:00.0444 10200 Tcpip - ok

21:04:00.0524 10200 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

21:04:00.0564 10200 TCPIP6 - ok

21:04:00.0614 10200 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

21:04:00.0664 10200 tcpipreg - ok

21:04:00.0694 10200 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

21:04:00.0724 10200 TDPIPE - ok

21:04:00.0754 10200 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

21:04:00.0784 10200 TDTCP - ok

21:04:00.0794 10200 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

21:04:00.0824 10200 tdx - ok

21:04:00.0844 10200 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

21:04:00.0854 10200 TermDD - ok

21:04:00.0874 10200 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

21:04:00.0904 10200 TermService - ok

21:04:00.0914 10200 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

21:04:00.0934 10200 Themes - ok

21:04:00.0964 10200 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

21:04:01.0004 10200 THREADORDER - ok

21:04:01.0014 10200 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

21:04:01.0044 10200 TrkWks - ok

21:04:01.0074 10200 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

21:04:01.0134 10200 TrustedInstaller - ok

21:04:01.0184 10200 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

21:04:01.0214 10200 tssecsrv - ok

21:04:01.0224 10200 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

21:04:01.0234 10200 TsUsbFlt - ok

21:04:01.0274 10200 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

21:04:01.0334 10200 tunnel - ok

21:04:01.0384 10200 TurboB (f37d49111a12a97de4bb5d8ff444bd2c) C:\Windows\system32\DRIVERS\TurboB.sys

21:04:01.0444 10200 TurboB - ok

21:04:01.0544 10200 TurboBoost (44d81b1bfd2428274bba98316d9606dc) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

21:04:01.0564 10200 TurboBoost - ok

21:04:01.0594 10200 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

21:04:01.0624 10200 uagp35 - ok

21:04:01.0664 10200 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

21:04:01.0734 10200 udfs - ok

21:04:01.0754 10200 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

21:04:01.0764 10200 UI0Detect - ok

21:04:01.0794 10200 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

21:04:01.0804 10200 uliagpkx - ok

21:04:01.0844 10200 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

21:04:01.0874 10200 umbus - ok

21:04:01.0894 10200 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

21:04:01.0904 10200 UmPass - ok

21:04:01.0994 10200 UMVPFSrv (8b802b483cbde06f62dbc04dc7afaf8e) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

21:04:02.0014 10200 UMVPFSrv - ok

21:04:02.0034 10200 UpdateCenterService - ok

21:04:02.0064 10200 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

21:04:02.0094 10200 upnphost - ok

21:04:02.0094 10200 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

21:04:02.0114 10200 usbaudio - ok

21:04:02.0144 10200 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

21:04:02.0184 10200 usbccgp - ok

21:04:02.0194 10200 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

21:04:02.0214 10200 usbcir - ok

21:04:02.0224 10200 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

21:04:02.0234 10200 usbehci - ok

21:04:02.0244 10200 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

21:04:02.0254 10200 usbhub - ok

21:04:02.0284 10200 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

21:04:02.0324 10200 usbohci - ok

21:04:02.0334 10200 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

21:04:02.0354 10200 usbprint - ok

21:04:02.0384 10200 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:04:02.0394 10200 USBSTOR - ok

21:04:02.0404 10200 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

21:04:02.0444 10200 usbuhci - ok

21:04:02.0464 10200 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys

21:04:02.0474 10200 usb_rndisx - ok

21:04:02.0484 10200 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

21:04:02.0514 10200 UxSms - ok

21:04:02.0544 10200 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

21:04:02.0564 10200 VaultSvc - ok

21:04:02.0574 10200 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

21:04:02.0584 10200 vdrvroot - ok

21:04:02.0634 10200 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

21:04:02.0684 10200 vds - ok

21:04:02.0684 10200 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

21:04:02.0694 10200 vga - ok

21:04:02.0724 10200 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

21:04:02.0764 10200 VgaSave - ok

21:04:02.0784 10200 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

21:04:02.0824 10200 vhdmp - ok

21:04:02.0844 10200 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

21:04:02.0854 10200 viaide - ok

21:04:02.0894 10200 vmm (21c96aa588d3993191761a08dbaabb15) C:\Windows\system32\Drivers\vmm.sys

21:04:02.0904 10200 vmm - ok

21:04:02.0914 10200 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

21:04:02.0924 10200 volmgr - ok

21:04:02.0964 10200 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

21:04:02.0984 10200 volmgrx - ok

21:04:03.0004 10200 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

21:04:03.0014 10200 volsnap - ok

21:04:03.0024 10200 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

21:04:03.0034 10200 vsmraid - ok

21:04:03.0104 10200 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

21:04:03.0154 10200 VSS - ok

21:04:03.0244 10200 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

21:04:03.0274 10200 vwifibus - ok

21:04:03.0294 10200 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

21:04:03.0344 10200 W32Time - ok

21:04:03.0354 10200 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

21:04:03.0364 10200 WacomPen - ok

21:04:03.0374 10200 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

21:04:03.0394 10200 WANARP - ok

21:04:03.0394 10200 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

21:04:03.0424 10200 Wanarpv6 - ok

21:04:03.0474 10200 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

21:04:03.0504 10200 WatAdminSvc - ok

21:04:03.0534 10200 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

21:04:03.0604 10200 wbengine - ok

21:04:03.0644 10200 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

21:04:03.0664 10200 WbioSrvc - ok

21:04:03.0724 10200 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll

21:04:03.0754 10200 WcesComm - ok

21:04:03.0784 10200 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

21:04:03.0804 10200 wcncsvc - ok

21:04:03.0814 10200 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

21:04:03.0824 10200 WcsPlugInService - ok

21:04:03.0824 10200 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

21:04:03.0844 10200 Wd - ok

21:04:03.0884 10200 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

21:04:03.0904 10200 Wdf01000 - ok

21:04:03.0914 10200 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

21:04:03.0934 10200 WdiServiceHost - ok

21:04:03.0934 10200 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

21:04:03.0954 10200 WdiSystemHost - ok

21:04:03.0974 10200 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

21:04:04.0004 10200 WebClient - ok

21:04:04.0044 10200 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

21:04:04.0094 10200 Wecsvc - ok

21:04:04.0104 10200 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

21:04:04.0134 10200 wercplsupport - ok

21:04:04.0134 10200 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

21:04:04.0164 10200 WerSvc - ok

21:04:04.0194 10200 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

21:04:04.0244 10200 WfpLwf - ok

21:04:04.0244 10200 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

21:04:04.0254 10200 WIMMount - ok

21:04:04.0284 10200 WinDefend - ok

21:04:04.0294 10200 WinHttpAutoProxySvc - ok

21:04:04.0354 10200 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

21:04:04.0394 10200 Winmgmt - ok

21:04:04.0434 10200 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

21:04:04.0474 10200 WinRM - ok

21:04:04.0524 10200 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

21:04:04.0594 10200 WinUsb - ok

21:04:04.0624 10200 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

21:04:04.0664 10200 Wlansvc - ok

21:04:04.0774 10200 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

21:04:04.0794 10200 wlcrasvc - ok

21:04:04.0934 10200 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:04:04.0974 10200 wlidsvc - ok

21:04:05.0044 10200 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

21:04:05.0074 10200 WmiAcpi - ok

21:04:05.0274 10200 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

21:04:05.0314 10200 wmiApSrv - ok

21:04:05.0314 10200 WMPNetworkSvc - ok

21:04:05.0314 10200 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

21:04:05.0324 10200 WPCSvc - ok

21:04:05.0364 10200 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

21:04:05.0374 10200 WPDBusEnum - ok

21:04:05.0384 10200 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

21:04:05.0404 10200 ws2ifsl - ok

21:04:05.0424 10200 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

21:04:05.0444 10200 wscsvc - ok

21:04:05.0474 10200 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys

21:04:05.0484 10200 WSDPrintDevice - ok

21:04:05.0484 10200 WSearch - ok

21:04:05.0584 10200 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

21:04:05.0634 10200 wuauserv - ok

21:04:05.0694 10200 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

21:04:05.0744 10200 WudfPf - ok

21:04:05.0754 10200 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

21:04:05.0774 10200 WUDFRd - ok

21:04:05.0814 10200 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

21:04:05.0854 10200 wudfsvc - ok

21:04:05.0874 10200 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

21:04:05.0884 10200 WwanSvc - ok

21:04:05.0904 10200 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0

21:04:06.0094 10200 \Device\Harddisk0\DR0 - ok

21:04:06.0094 10200 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR7

21:04:06.0144 10200 \Device\Harddisk5\DR7 - ok

21:04:06.0144 10200 Boot (0x1200) (a5c682221bb3be9ca89446427c662f59) \Device\Harddisk0\DR0\Partition0

21:04:06.0154 10200 \Device\Harddisk0\DR0\Partition0 - ok

21:04:06.0154 10200 Boot (0x1200) (78d9b7da3fb3aea9283e388faf2c2666) \Device\Harddisk0\DR0\Partition1

21:04:06.0154 10200 \Device\Harddisk0\DR0\Partition1 - ok

21:04:06.0154 10200 Boot (0x1200) (965458fc126dd2778950c2001965740a) \Device\Harddisk5\DR7\Partition0

21:04:06.0154 10200 \Device\Harddisk5\DR7\Partition0 - ok

21:04:06.0154 10200 ============================================================

21:04:06.0154 10200 Scan finished

21:04:06.0154 10200 ============================================================

21:04:06.0164 4844 Detected object count: 7

21:04:06.0164 4844 Actual detected object count: 7

21:04:27.0144 4844 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user

21:04:27.0144 4844 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:04:27.0144 4844 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user

21:04:27.0144 4844 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:04:27.0154 4844 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user

21:04:27.0154 4844 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:04:27.0154 4844 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

21:04:27.0154 4844 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:04:27.0154 4844 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

21:04:27.0154 4844 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:04:27.0154 4844 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

21:04:27.0154 4844 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:04:27.0154 4844 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - skipped by user

21:04:27.0154 4844 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:04:42.0994 9716 Deinitialize success

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.12.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jacob :: JIMMY [administrator]

6/11/2012 9:08:10 PM

mbam-log-2012-06-11 (21-08-10).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 311301

Time elapsed: 11 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

Post 3/4 (OTL)

OTL logfile created on: 6/11/2012 9:24:12 PM - Run 1

OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Jacob\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 6.35 Gb Available Physical Memory | 79.46% Memory free

15.98 Gb Paging File | 13.16 Gb Available in Paging File | 82.35% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 916.82 Gb Total Space | 664.10 Gb Free Space | 72.43% Space Free | Partition Type: NTFS

Drive D: | 654.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive K: | 931.51 Gb Total Space | 322.79 Gb Free Space | 34.65% Space Free | Partition Type: NTFS

Computer Name: JIMMY | User Name: Jacob | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/11 21:06:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jacob\Desktop\OTL.exe

PRC - [2012/05/10 16:29:50 | 003,349,488 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

PRC - [2012/05/10 16:29:02 | 000,838,136 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

PRC - [2012/05/10 16:28:58 | 001,122,296 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

PRC - [2012/03/22 10:55:02 | 000,166,528 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011/10/15 04:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2011/04/01 01:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

PRC - [2010/11/20 08:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

PRC - [2010/11/20 08:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe

PRC - [2010/09/06 03:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

PRC - [2009/10/21 13:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

PRC - [2009/07/17 18:07:58 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe

PRC - [2009/06/24 22:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

PRC - [2006/04/21 11:20:54 | 000,065,536 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\service\JavaSrvc.exe

========== Modules (No Company Name) ==========

MOD - [2012/05/10 16:28:12 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

MOD - [2012/05/10 16:28:10 | 000,517,632 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl

MOD - [2012/05/10 16:28:10 | 000,410,112 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)

SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)

SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McOobeSv)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010/05/21 12:37:32 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®

SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/03/31 18:01:34 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV - [2012/06/07 13:13:49 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/05/31 15:40:07 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/03/26 19:29:15 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012/01/13 12:21:16 | 000,103,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)

SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011/10/15 04:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2011/04/01 01:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)

SRV - [2010/09/06 03:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)

SRV - [2010/03/22 09:17:24 | 000,276,584 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/11/06 13:24:54 | 000,282,728 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)

SRV - [2009/06/26 13:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe -- (RoxMediaDB10)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/05/21 22:35:32 | 000,923,136 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)

SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)

SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

SRV - [2006/04/21 11:20:54 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\service\JavaSrvc.exe -- (SMSv3_0_2hs)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)

DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)

DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)

DRV:64bit: - [2011/04/01 01:07:54 | 004,184,672 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUVC64.sys -- (LVUVC64) Logitech HD Pro Webcam C910(UVC)

DRV:64bit: - [2011/04/01 01:06:22 | 000,341,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)

DRV:64bit: - [2011/04/01 01:04:32 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/09/08 15:42:16 | 000,295,272 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)

DRV:64bit: - [2010/07/19 20:26:05 | 000,038,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)

DRV:64bit: - [2010/05/21 12:37:20 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009/10/27 00:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV:64bit: - [2009/10/27 00:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)

DRV:64bit: - [2009/09/15 14:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvoclk64.sys -- (nvoclk64)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009/07/13 20:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)

DRV:64bit: - [2009/07/13 20:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)

DRV:64bit: - [2009/07/13 20:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)

DRV:64bit: - [2009/07/13 20:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)

DRV:64bit: - [2009/06/20 08:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/04 22:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV - [2010/01/08 22:46:54 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pssPCI.sys -- (pssPCI)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/06/26 12:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\RxFilter.sys -- (RxFilter)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {21312112-26F9-4905-858A-50735BA693DA}

IE:64bit: - HKLM\..\SearchScopes\{21312112-26F9-4905-858A-50735BA693DA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {4215ED94-CD74-4D53-9A1C-2354503FC392}

IE - HKLM\..\SearchScopes\{4215ED94-CD74-4D53-9A1C-2354503FC392}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve

IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.cbn.com/cbnnews/ [binary data]

IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://zradio.org/

IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\SearchScopes,DefaultScope = {4215ED94-CD74-4D53-9A1C-2354503FC392}

IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\SearchScopes\{33592108-D5EC-42DD-BA23-4D5502D9EDCE}: "URL" = http://www.amazon.com/s?ie=UTF8&tag=amznsearch.ms-20&index=aps&link%5Fcode=qs&field-keywords={searchTerms}

IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\SearchScopes\{BB15A293-D2D2-4DE2-93E5-B711D83AC3DA}: "URL" = http://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}

IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"

FF - prefs.js..browser.search.selectedEngine: "Bing"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://zradio.org/"

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/24 17:01:08 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/04/25 10:32:30 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/07 13:13:49 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/16 22:19:49 | 000,000,000 | ---D | M]

[2010/02/07 17:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jacob\AppData\Roaming\Mozilla\Extensions

[2012/06/11 20:56:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\9iiiea8p.default\extensions

[2010/02/07 17:54:02 | 000,002,164 | ---- | M] () -- C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\9iiiea8p.default\searchplugins\bing.xml

[2012/06/07 13:14:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2012/04/25 10:32:30 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE

[2012/02/24 17:01:08 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR

[2012/06/11 20:56:44 | 000,525,295 | ---- | M] () (No name found) -- C:\USERS\JACOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9IIIEA8P.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI

[2012/05/25 12:49:13 | 000,004,733 | ---- | M] () (No name found) -- C:\USERS\JACOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9IIIEA8P.DEFAULT\EXTENSIONS\JSODOPCYVW@JSODOPCYVW.ORG.XPI

[2012/06/07 13:13:49 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll

[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2010/04/21 14:50:44 | 000,682,496 | ---- | M] (YoYoGames) -- C:\Program Files (x86)\mozilla firefox\plugins\NPYYGInstantPlay.dll

[2012/06/07 13:13:47 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011/09/29 11:28:34 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml

[2012/06/07 13:13:47 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google ()

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found

O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120425081238.dll (McAfee, Inc.)

O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120425081238.dll (McAfee, Inc.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found

O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)

O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)

O4 - HKLM..\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)

O4 - HKLM..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001..\Run: [Apps] C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1012..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1012..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)

O4 - Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found

O4 - Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FavsAll - Shortcut.lnk = C:\Users\Public\Music\Music\Playlists\FavsAll.wpl ()

O4 - Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found

O4 - Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: flvs.net ([learn] http in Trusted sites)

O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: internet ([]about in Trusted sites)

O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: live.com ([onecare] http in Trusted sites)

O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: mcafee.com ([]http in Trusted sites)

O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: mcafee.com ([]https in Trusted sites)

O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: yoyogames.com ([www] http in Trusted sites)

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} https://72.156.249.212/Remote/BuiltIns/FS/Wssg.Web.FileAccess.RichUpload.cab (Wssg.Web.FileAccess.RichUpload.UploadControl Class)

O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (Reg Error: Key error.)

O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)

O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)

O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} http://65.44.139.2:9203/camclictrl.cab (Camera Stream Client Control Object)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class)

O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)

O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames.com/plugins/activex/YoYo.cab (YYGInstantPlay Control)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://clients.futuremark.com/calico/systeminfodeploy/FMSI.cab (Reg Error: Key error.)

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://berklee.webex.com/client/T27L10NSP25/nbr/ieatgpc1.cab (GpcContainer Class)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{410F48CF-12A3-40EB-B398-2C0A4D370576}: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found

O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/01/30 18:42:25 | 000,000,000 | ---D | M] - D:\Autorun -- [ CDFS ]

O32 - AutoRun File - [2005/01/26 16:42:47 | 000,000,039 | R--- | M] () - D:\autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2010/02/15 00:53:50 | 000,000,027 | ---- | M] () - K:\Autorun.inf -- [ NTFS ]

O33 - MountPoints2\{05e3f4e0-cc40-11de-9b14-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{05e3f4e0-cc40-11de-9b14-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Autorun\autorun.exe -- [2002/12/10 06:00:30 | 001,089,536 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/11 21:06:55 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Jacob\Desktop\OTL.exe

[2012/06/11 20:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

[2012/06/11 11:51:44 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{601E397C-C67E-498A-866F-A191C37C14B4}

[2012/06/11 11:51:32 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{E18E85D7-1BDC-4391-A3A4-D2E99ECE2FA8}

[2012/06/09 20:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sibelius Software

[2012/06/09 13:54:17 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{46571528-A6D5-4000-8F4C-72834C35E911}

[2012/06/09 13:54:04 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{E424CDF8-4701-4908-8785-C9E478281815}

[2012/06/08 11:48:57 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{C66CDB0D-5EB0-48D0-8028-F1B7B9B04E2D}

[2012/06/08 11:48:45 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{5E27C6B3-A30E-4DA0-836B-0EA2D1040F17}

[2012/06/07 13:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012/06/07 13:14:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2012/06/07 13:11:44 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{D95F4EEE-713D-4111-AED0-753CC755D21B}

[2012/06/07 13:11:31 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{3C788A4D-6569-4A73-B1CE-B500CF4D25C3}

[2012/06/07 01:11:01 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{85B3D4CF-9BAB-4085-8501-0AE3644D23E4}

[2012/06/07 01:10:48 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{A9270E0F-AD0C-4987-9E42-27E5C78252B7}

[2012/06/06 13:10:21 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{13B87C11-FB71-43CD-8029-DF40029E137D}

[2012/06/06 13:10:08 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{CC8F2999-C6EC-41C2-9A9A-050AB4CF1ABE}

[2012/06/05 12:26:18 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{6315DDE6-162E-45D0-816F-E32C25D5FD0C}

[2012/06/05 12:24:42 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{9E040E56-185C-428B-9DD4-866879A87927}

[2012/06/04 12:19:31 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{2ED9CB6C-10FE-4456-9F19-907E39BE40B2}

[2012/06/04 12:19:18 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DDC5CD5B-49F0-4EFC-A5BC-5F96925A66C7}

[2012/06/03 16:20:47 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{31007099-B9AA-4D03-9BA0-E66F38E69AC6}

[2012/06/03 16:20:34 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{D5D3E8A0-8426-48A7-86E2-AD0906115417}

[2012/06/02 12:58:39 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{C4FD5831-CA24-4F4E-A3AC-ED00EE0CC5ED}

[2012/06/02 12:58:27 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{0BCE56C8-DC5E-4BC8-95EE-16625B42AE7F}

[2012/06/01 23:21:46 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{C3888708-6A4B-47FE-8758-19F83D954E2F}

[2012/06/01 11:21:20 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{A0FEB971-F4A3-4C09-B97D-BD6A0441F2A0}

[2012/06/01 11:21:07 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{4F05EA62-75F0-4D75-B9DA-7AD4D1101614}

[2012/05/31 21:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2012/05/31 21:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

[2012/05/31 21:49:51 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe

[2012/05/31 21:49:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2

[2012/05/31 12:49:26 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{B8DC9575-373E-4F6A-9D72-D50C71475BCE}

[2012/05/31 12:49:14 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{347BA266-4DEC-483E-B19D-A1BC0149C2F3}

[2012/05/30 08:49:01 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{42A821F5-35E5-41E4-A145-5955518A04CD}

[2012/05/30 08:48:48 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{2395E78A-BD1C-4289-A86F-2EC8952716F1}

[2012/05/29 20:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos

[2012/05/29 10:53:43 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{3811D7A7-6281-4A27-80A2-2F5597037350}

[2012/05/29 10:53:10 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{E6385A85-E33B-4686-B7C4-F6465D4F53E2}

[2012/05/27 18:56:47 | 000,116,016 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\18720901.sys

[2012/05/27 13:57:10 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{6DF849BA-5A99-4D6E-95BA-0E2AE22D3585}

[2012/05/27 13:56:57 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{4BE7DD0F-5046-4A09-9B85-86418BCA3970}

[2012/05/25 12:38:22 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{2C84B04E-87A7-419F-AA6F-C63D6E17F4F7}

[2012/05/25 12:38:09 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{499AF48C-7555-4466-B491-55C5DC07CB8E}

[2012/05/24 15:17:05 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Roaming\System

[2012/05/24 11:03:05 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DEAD7B09-DA57-4BAE-A841-F21E67C7CC5A}

[2012/05/24 11:02:51 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DF8C6C73-3615-45AB-9773-1B152C9210B3}

[2012/05/22 11:33:21 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{D7A892FA-2909-47D6-B9F5-BEF70AC48D7D}

[2012/05/22 11:33:08 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{0C4D18A8-B0EE-42C4-88BD-DC48134E695C}

[2012/05/21 11:42:50 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{A0A507B2-36B3-4A5B-99D4-7B0C7EA65302}

[2012/05/21 11:42:39 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{BC18CE89-7843-4F42-86EC-01716242CE8D}

[2012/05/20 23:04:36 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{722C2EF9-7C5B-4C05-950D-194094F3F595}

[2012/05/20 23:04:24 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{29E5BEC5-F2DC-4806-9A1A-126210B3C228}

[2012/05/19 13:08:17 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{5C0A0C64-9A19-4918-B477-A5510AA0EE38}

[2012/05/19 13:08:05 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{D663333A-ED19-4859-89AE-E5EF138EC4C2}

[2012/05/18 19:57:29 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{B5AA328D-8445-4AF1-8546-F9EFDD7ABCB8}

[2012/05/18 19:57:16 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DFAABAC2-A3EA-4CF1-9DEC-2B3E03776D0A}

[2012/05/17 20:26:17 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DB8A108C-5048-4D2B-8B71-9F80025D4705}

[2012/05/17 20:26:03 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{1E220F65-1F32-4D45-B4CF-47DEC2D39871}

[2012/05/17 11:01:23 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{B6655982-DCA7-42E6-8C36-7D4CE56AA245}

[2012/05/16 22:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2012/05/16 22:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2012/05/16 22:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2012/05/16 12:39:12 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{0326D363-90A2-4ACD-B0BF-C019F9EB5F08}

[2012/05/16 12:39:00 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{BD4DF713-20DA-49E3-BACA-AAB7F2502E77}

[2012/05/15 22:37:57 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{53216DF7-E13F-4148-8BF5-875A95236B18}

[2012/05/15 22:37:45 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{9EB13F55-BEAC-4709-95A4-A273876C3C98}

[2012/05/15 10:37:18 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{6469DCEF-2F66-494E-B8CA-0E2F90738C80}

[2012/05/15 10:37:06 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{0D0DD81E-0DB8-4DC1-A80F-F3560D65E4A3}

[2012/05/14 10:34:33 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{B2DC64F0-5889-4416-A7C8-1E70FCFDEED3}

[2012/05/14 10:34:20 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{8DB178BC-F1F1-427E-A1E0-6D74B3794B37}

[2012/05/13 12:27:17 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{A5EAA35A-11D0-4716-AA78-E9B74262F046}

[2012/05/13 12:26:53 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{46295A3A-F933-434A-98C6-515D695D005C}

[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/11 21:40:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/06/11 21:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/06/11 21:06:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jacob\Desktop\OTL.exe

[2012/06/11 20:56:26 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/06/11 19:39:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/06/11 14:54:18 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/06/11 14:54:18 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/06/11 11:39:32 | 000,465,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012/06/11 11:39:08 | 2140,495,871 | -HS- | M] () -- C:\hiberfil.sys

[2012/06/07 21:06:11 | 000,007,626 | ---- | M] () -- C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg

[2012/05/31 21:49:56 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

[2012/05/27 18:56:47 | 000,116,016 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\18720901.sys

[2012/05/25 13:23:00 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/05/22 21:02:35 | 000,872,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/05/22 21:02:35 | 000,728,154 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/05/22 21:02:35 | 000,147,212 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/05/19 13:07:48 | 000,001,232 | RHS- | M] () -- C:\Users\Jacob\ntuser.pol

[2012/05/16 22:19:45 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/31 21:49:56 | 000,002,191 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

[2012/05/31 21:49:56 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

[2012/05/31 15:27:17 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/05/25 13:23:00 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/05/16 22:19:45 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

[2011/07/08 15:54:02 | 000,000,285 | ---- | C] () -- C:\Users\Jacob\AppData\Roaming\Network Meter_Settings.ini

[2011/07/08 15:49:10 | 000,000,412 | ---- | C] () -- C:\Users\Jacob\AppData\Roaming\All CPU Meter_Settings.ini

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011/04/01 01:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll

[2011/04/01 01:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe

[2011/04/01 01:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll

[2011/03/02 20:51:39 | 000,007,626 | ---- | C] () -- C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg

[2011/02/17 14:30:36 | 000,000,000 | ---- | C] () -- C:\Windows\Setup32.INI

[2010/10/24 15:25:02 | 000,869,058 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/10/11 20:08:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/08/25 11:53:59 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom24.dll

[2010/08/25 11:53:59 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes24.dll

[2010/07/19 16:11:17 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\drivers\pssPCI.sys

========== LOP Check ==========

[2011/09/02 13:09:21 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Audacity

[2010/01/14 00:20:41 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\OpenOffice.org

[2012/06/01 10:01:36 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\webex

[2010/01/17 22:03:03 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\.freeciv

[2011/11/16 16:45:58 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\.minecraft

[2010/09/17 23:20:07 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Amazon

[2011/01/09 17:12:15 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Atari

[2012/01/01 19:21:21 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Audacity

[2010/01/19 19:17:08 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010/01/13 19:15:38 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\FreeOrion

[2011/03/17 17:27:49 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\GARMIN

[2009/12/22 13:33:35 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Leadertech

[2010/05/11 12:51:39 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\LEGO Company

[2010/01/24 01:10:53 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\OpenOffice.org

[2011/05/08 22:18:17 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Windows Live Writer

[2012/06/01 15:20:11 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\.minecraft

[2010/08/16 12:06:55 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Amazon

[2009/12/22 15:57:17 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Atari

[2012/06/01 15:48:18 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Audacity

[2012/03/14 15:06:25 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Blender Foundation

[2010/12/26 01:23:55 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010/10/12 13:35:57 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Elluminate

[2012/03/27 14:20:47 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\GameMaker

[2012/01/14 17:21:28 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\gtk-2.0

[2010/06/27 15:55:59 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Leadertech

[2010/05/11 16:57:40 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\LEGO Company

[2010/01/06 13:53:21 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\OpenOffice.org

[2010/12/29 22:50:43 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1

[2012/05/25 13:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\System

[2011/09/08 21:34:21 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\webex

[2010/10/28 19:45:04 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Windows Live Writer

[2010/08/16 12:24:04 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\Amazon

[2009/12/22 14:05:16 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\Atari

[2011/09/06 19:43:41 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\Audacity

[2010/01/26 17:44:50 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\OpenOffice.org

[2011/08/24 13:38:49 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\Windows Live Writer

[2012/03/01 00:36:47 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Link to post
Share on other sites

Post 4/4 (Extras):

OTL Extras logfile created on: 6/11/2012 9:24:12 PM - Run 1

OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Jacob\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 6.35 Gb Available Physical Memory | 79.46% Memory free

15.98 Gb Paging File | 13.16 Gb Available in Paging File | 82.35% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 916.82 Gb Total Space | 664.10 Gb Free Space | 72.43% Space Free | Partition Type: NTFS

Drive D: | 654.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive K: | 931.51 Gb Total Space | 322.79 Gb Free Space | 34.65% Space Free | Partition Type: NTFS

Computer Name: JIMMY | User Name: Jacob | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{014F5593-F848-4DC1-BA75-D3811BB87FA9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{01B80137-E00F-4ED0-9025-C8D8D2D93327}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{022E4108-E291-424A-931B-C657E74A6611}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{0F5EE601-F025-4A59-9E51-EDAEC0FD5A5B}" = rport=10243 | protocol=6 | dir=out | app=system |

"{3B7F5CB1-520B-4C85-9204-25442B35CF16}" = rport=138 | protocol=17 | dir=out | app=system |

"{3B8DF636-5D02-4C03-8764-865336481E73}" = lport=2869 | protocol=6 | dir=in | app=system |

"{3D6BDF49-3EEF-4EB1-8B38-D5CFC8E4CE6D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{3FA0BAA3-1847-4170-A262-959296120366}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{42A4B105-F447-4911-A68A-E3068FB8248F}" = lport=10243 | protocol=6 | dir=in | app=system |

"{44C1E399-146B-482F-B5AE-BD0BA558D6E1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{4D561096-4E9D-48EF-8ECB-9BA26986FC88}" = rport=137 | protocol=17 | dir=out | app=system |

"{4E5A10D0-F8F1-4154-962B-D3B24E00BFF8}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |

"{5055C10E-B423-4D6D-9059-3F6F93C7EC38}" = rport=139 | protocol=6 | dir=out | app=system |

"{5695F4A4-F77D-4855-B710-75A1032F9AD1}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |

"{5AC6E88D-92E4-430C-8806-CA3CF5E0F5A5}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

"{5E28D9CD-FEB3-4D54-8ECB-D9FF8D410510}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{618BE489-8671-4DCE-9B20-FEFF6D7A87B3}" = lport=138 | protocol=17 | dir=in | app=system |

"{619CEA90-2409-41DA-9314-0F97D56A4410}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{62A9B009-1500-429F-85D8-1B02B8648CA6}" = lport=445 | protocol=6 | dir=in | app=system |

"{63A80337-141E-4440-8A93-B10698145ED1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{77751DC2-0AF0-473C-9704-1BA8063B24F6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{93F378BA-B8D8-4E78-84C9-20AD596B0861}" = lport=137 | protocol=17 | dir=in | app=system |

"{9A015DE2-FE0C-4681-BDB6-1219A176C59D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{A91F1102-B9CB-43C7-8043-DED4B35452BF}" = lport=139 | protocol=6 | dir=in | app=system |

"{B2EACE1D-0F8D-45A5-9F56-8EF6E8F33AD3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{B9E7A37E-9E69-4012-AEB0-2008F192C40C}" = lport=2869 | protocol=6 | dir=in | app=system |

"{BABD905B-E38E-49EA-AC2E-911364D1563F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{BD8B572B-9495-4590-BB4D-BA674CDC6523}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{BE9F74E5-EEFE-4F62-9824-09A354608912}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |

"{BF5C2DB1-B39C-428F-A31B-9F3FF1A91855}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{CC543FA0-112B-459A-AE49-353F40756A26}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{F3BA57B0-BAA0-42E5-B96E-10F3658F1715}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{F72C5F04-1721-429D-AB85-6836FFA19331}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{FA2CEB29-66F4-4383-851E-61CAF4FBB5BF}" = rport=445 | protocol=6 | dir=out | app=system |

"{FEE923BF-5AFD-4F5E-A89E-5EEEACC08F60}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0F37BE74-26E1-4023-BAAE-8CDD5AE7B5A2}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |

"{10545A9D-A995-4A34-9EE5-76E767C67B11}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |

"{120E76D1-4046-4E8E-B793-F6A3A4C37781}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |

"{15CB384B-686B-4474-B343-9AC5162C80D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{1A07195C-5E02-4D20-81BF-58F140FAFC5C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |

"{219F1551-B56B-463F-BC82-9BABAFE25F48}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\server.exe |

"{29E8442F-E3F2-44A3-8825-A86D1A19EC5A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |

"{2C116B24-B110-4F52-83CF-5CD5A1BA8B79}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{314A5EFC-42D0-4D08-83B2-5DCD2FCC3496}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |

"{32B5DC08-04AA-4DB5-B524-A5D68D41955F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{32B698DD-994C-4AE0-B6DC-FD764B842E40}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{3328E840-FE92-43E2-918A-9F844E17DF82}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |

"{33E99F60-97A7-4465-BF92-7A035B5F6ADA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{363D2F8D-A1FB-4C40-B6BD-F562495DCFCD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |

"{3B186C4A-2D43-4A53-AB5C-6E1E709603CA}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\rs2.1.5.1asms\rosetta stone.exe |

"{41B21B1C-2A54-4510-BBF3-10D201945EFE}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"{42E72531-4208-44CB-A8CC-43FF62A63979}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{4AB385BF-5EC5-46BC-BF2C-2F485C16682D}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\rs2.1.5.1asms\discover.exe |

"{4BE181AD-42DF-46FF-9CC7-E8EEB1870B5B}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\admin.exe |

"{4F29C3C2-55A6-4E90-8FE3-EE9BB1253DD3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |

"{522E7F05-230F-420C-B50F-4C53D23B22F8}" = dir=in | app=d:\setup\hpznui40.exe |

"{53B7DE4F-55E0-4A73-B057-4629B99AC6E7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |

"{5950A84C-20F3-4332-A96A-5A668746AF76}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{59CF3B4E-2939-4C25-8B4A-1DF95089290C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |

"{5DF87533-D88D-4C34-B063-B44A89D429A4}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |

"{5F46FED5-1E0B-4097-91F7-EA5015AA3C20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{617C2182-B231-476D-BF4F-C2FD6CDEDB79}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |

"{63F37F52-8D12-42F4-A26E-0D289FB6FB97}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{6C0F0629-6CEC-47E9-B102-7762FC7B4139}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{6CE24E39-7F70-484E-A66B-60A34B735FE7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

"{6D20C8CB-3D0F-4CCE-940B-29D6FDE22DD0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |

"{71E49409-DEFD-45B0-AB10-CF7205A7A83E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

"{726C5697-03B2-4ACC-8983-7A0E40A1D157}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |

"{7309112D-B20D-4727-8AD3-1FEF690B9E9C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |

"{74867FA4-58B7-4CE7-B402-C773EF86C97D}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\rs2.1.5.1asms\rosetta stone.exe |

"{751EE113-AE8E-4904-BC8E-E0AA837D43F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |

"{78170E84-0947-4A27-8B61-1C4207492628}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{79597585-2393-49E6-8A83-24D28A4EF7DE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |

"{7A230114-ED25-4CF2-B87A-B3432DDEF46A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{7FBD4346-0869-4420-9D1E-E7FFFC3790D1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |

"{80860E22-BCFF-4D3A-9DBB-98039B7C5B47}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |

"{86D73324-F83F-4018-BCA0-99986F52E4BE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |

"{88733864-D88D-4B73-8E87-163A08D76693}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

"{8976DE20-5E2C-449D-80DE-2D60D9D1ACB3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{89E30913-F123-49AF-B64C-F82C8350872D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{8FB93AC0-C2A3-4D69-BAC8-37A3633DFBC0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |

"{9267CEA8-5EF1-4BB1-A720-11831BD44975}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{9383D243-1256-4D77-B298-61D89400B1F2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |

"{94C56E61-62E5-40B5-91F9-CFFD69A81229}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{9B2B1B57-8659-44CB-8FAA-1289AEEF479F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{9D33E678-8F1A-4AA4-922E-D9FBE36760F1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |

"{A4685342-7554-497F-8D79-AD83C38D3A61}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |

"{A55F880F-E82A-4A5C-A57C-73F4C70245D7}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\admin.exe |

"{A7C35CD5-4F7B-430B-8169-260937D2D621}" = protocol=6 | dir=out | app=system |

"{A98F9B2B-0ABF-4C2D-9CBC-7A23FC97F498}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{AD1F6C37-7072-4196-AEAF-14A00A20AE20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |

"{AF389A0B-6E60-4D95-BDD8-F52DEDFD7806}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |

"{B3C5415C-2C04-4892-BA13-D33805667F46}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{B408FB9A-A507-458E-9979-13FBBC425B16}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{B428ECC1-A9B9-44EC-994D-CEED96152F6B}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\rs2.1.5.1asms\discover.exe |

"{C0C5BB33-036C-4282-B6EE-4469FA8AECF2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |

"{C8DF3017-6F59-497B-848C-2BA3D62E60FA}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\service\javasrvc.exe |

"{C9F241A9-1D6A-49F1-9928-1B258BF1175D}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

"{CA79DCBE-6CAF-468E-91C8-3EB25832D03D}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

"{CC616D0D-008C-40D6-89BB-81ED78057C0E}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

"{CD49C092-3A87-4BD2-9812-4AE18AAE6927}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\service\javasrvc.exe |

"{D058C982-61A1-4FE6-AB63-095D41F15A57}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |

"{D25ED021-FA4C-4D0C-8312-992EEC5F6141}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D5A4DACF-8AC0-4ECE-A40A-EA723F5B3399}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\server.exe |

"{E310C71D-7E17-4B53-82C7-5967BBE0FC44}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{E782468D-A138-4382-A6F7-1A7203493901}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{E7A4C6AF-82AC-45F1-B83D-43E5FC8A3FB4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{E7B1A1B8-EEC7-4F33-A4E6-E189AED1485C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{E970B853-703A-4B74-8040-D43DA2D47C29}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{EB8E0F75-FEC7-434E-BDA1-5BBCD195538D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{F001BFF3-FFD9-4A0B-8899-10F63BC9C9EE}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"{FC6056B0-6D95-4F30-9A5F-5ED7E300771F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |

"{FD4CC00F-5A76-432E-8069-869A3358B4CD}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{FD919EC4-DAE7-4D06-BB75-390BADAC2CEE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |

"{FE0D9FB9-03CC-42EB-A168-81488776FA97}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety

"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64

"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer

"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety

"{0F7861E5-3B24-33CA-AECF-B5477194CEEB}" = Windows Phone Emulator x64 - ENU

"{129C5584-DB98-4A98-B28F-299C45E1E355}" = Microsoft Camera Codec Pack

"{181AC4C7-B83C-4B5F-B566-E19BF2472429}" = HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219

"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java 6 Update 26 (64-bit)

"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor

"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10

"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files

"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup

"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{74E85F31-573F-45BF-8939-4D2BCDCC2083}" = LEGO MINDSTORMS NXT Driver for x64

"{8125F749-B244-4F7B-811E-532165C5F2D5}" = Microsoft SQL Server 2008 RsFx Driver

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010

"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}" = Microsoft Image Composite Editor

"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU

"{C0C690C8-F335-4BA4-A2AD-675EAD1DFA90}" = Microsoft SQL Server 2008 Setup Support Files

"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

"{C3AF5BD8-30D5-41F5-AF61-705D98146B0F}" = Microsoft SQL Server 2008 Native Client

"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared

"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst

"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1

"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services

"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"HP Imaging Device Functions" = HP Imaging Device Functions 13.0

"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1

"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)

"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)

"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9

"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser

"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK

"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools

"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller

"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video

"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data

"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight

"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan

"{10ABE49D-343A-463E-9753-C4C5A05ECEF9}" = Sibelius Scorch (Firefox, Opera, Netscape only)

"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi

"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main

"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs

"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4

"{1D4EE8FE-F31C-4258-9360-5B8B8309B14B}" = Adobe Premiere Elements 9 Content

"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab

"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK

"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery

"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin

"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer

"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK

"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 26

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0

"{2C3AB990-1F33-3D6B-9F34-8D5189FA04D3}" = Windows Phone 7 Add-in for Visual Studio 2010 - ENU

"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{37AB0223-AF54-49C5-92AA-BFC9648CD323}" = Adobe Premiere Elements 9 HD Content 3

"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU

"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{3CBBE028-978B-4876-ABC1-EF9ED6C20C4E}" = Adobe Premiere Elements 9 Content 2

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT

"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation

"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer

"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter

"{4BCDD100-3029-42C3-B7F7-4A0DA414861D}" = DietPower 4.4

"{4C5D15D2-5351-4F05-A96E-56C20554F977}" = RollerCoaster Tycoon 2 Triple Thrill Pack

"{4C6D5779-A766-45DF-9938-D6F595A66F2B}" = Microsoft Expression Blend 4

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{50D90C59-4F5C-48BC-AFB2-38475412F0CA}" = Adobe Premiere Elements 9 Content 1

"{53753510-7620-4D2B-9C0B-111F871615D9}" = LEGO MINDSTORMS NXT - English Language Pack

"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning

"{558358E5-E4F3-4374-BA1D-26FF39EF87D9}" = Microsoft Silverlight Tools for Visual Studio 2010

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1

"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219

"{5DDF31D2-63BB-4268-895B-FB05A82A1C00}" = Microsoft XNA Game Studio 4.0 Windows Phone Extensions

"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)

"{5F9AAF4A-B9B0-489D-AE67-73470A4714FE}" = Adobe Premiere Elements 9 HD Content 1

"{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning

"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2

"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com

"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)

"{69E11501-75F7-4ACE-8103-52513DDCFE26}" = Microsoft Expression Blend SDK for Windows Phone 7

"{6A905A05-964C-4F03-9A96-D34167807EC0}" = PS_AIO_06_C309g-m_SW_Min

"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox

"{6C1D47CC-682C-4673-8CA8-DEE659628599}" = LEGO MINDSTORMS NXT Migration Package

"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery

"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update

"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection

"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio

"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)

"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7A27AAF5-1FD6-48B4-95C4-7354A1C35455}" = C309g-m

"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{7DDC3624-C631-49D1-B281-82EC3A27AA7C}" = Adobe Premiere Elements 9 Content 3

"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only)

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types

"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A0696EB-C0F9-4B36-B0BC-71CC704FA768}" = Crazy Machines II + Demo

"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010

"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{901C0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Access 2002 Runtime

"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96A7C590-0F47-437F-AAFC-6612960B744A}" = XML Explorer

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin

"{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help

"{A29C5DD5-B21E-474F-AA96-6A7FC0B2B248}" = Microsoft Expression Blend 4 Add-in for Adobe FXG Import

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)

"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy

"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy

"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool

"{B86149D3-18A2-41FD-A153-60AF944E47FE}" = Microsoft Windows Phone 7 Developer Resources

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{BEFBEDDF-1417-4C8A-92FB-F003C0D41199}" = OpenOffice.org 3.2

"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant

"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser

"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget

"{CB263F8D-EF2D-4EB5-A368-A27056EE92D4}" = LEGO MINDSTORMS NXT Software v2.0

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFB91CB0-17D9-44EB-BFB2-5307AB7E7DDC}" = Microsoft Visual Studio 2010 Express for Windows Phone - ENU

"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1

"{DAE449A1-A082-4E20-9694-5D680E969559}" = NVIDIA 3D Vision Video Player

"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E240C78D-8F35-456A-8876-15FF6901B7E0}" = Adobe Premiere Elements 9 HD Content 2

"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer

"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9

"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser

"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module

"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core

"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8

"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement

"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR

"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"7-Zip" = 7-Zip 4.65

"ActiveTouchMeetingClient" = WebEx

"Adobe AIR" = Adobe AIR

"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9

"Adobe Premiere Elements 9 Content" = Adobe Premiere Elements 9 Content

"Adobe Premiere Elements 9 Content 1" = Adobe Premiere Elements 9 Content 1

"Adobe Premiere Elements 9 Content 2" = Adobe Premiere Elements 9 Content 2

"Adobe Premiere Elements 9 Content 3" = Adobe Premiere Elements 9 Content 3

"Adobe Premiere Elements 9 HD Content 1" = Adobe Premiere Elements 9 HD Content 1

"Adobe Premiere Elements 9 HD Content 2" = Adobe Premiere Elements 9 HD Content 2

"Adobe Premiere Elements 9 HD Content 3" = Adobe Premiere Elements 9 HD Content 3

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Age of Empires 2.0" = Microsoft Age of Empires II

"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion

"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.15

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)

"Blend_4.0.20901.0" = Microsoft Expression Blend 4

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"DietPower 4.4" = DietPower 4.4

"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows

"Game Maker 8.0" = Game Maker 8.0

"Higher Score on the ACT_is1" = Higher Score on the ACT

"Higher Score on the SAT/PSAT_is1" = Higher Score on the SAT/PSAT

"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs

"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update

"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0

"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III

"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance

"InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader

"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties

"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver

"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor

"LAME for Audacity_is1" = LAME v3.98.2 for Audacity

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400

"Microsoft DirectX SDK (June 2010)" = Microsoft DirectX SDK (June 2010)

"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU

"Microsoft Visual Studio 2010 Express for Windows Phone - ENU" = Microsoft Windows Phone Developer Tools - ENU

"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1

"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSC" = McAfee Internet Security

"New LEGO Digital Designer" = LEGO Digital Designer

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.SingleImage" = Microsoft Office Home and Student 2010

"OpenAL" = OpenAL

"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser

"PremElem90" = Adobe Premiere Elements 9

"Rosetta Stone 2.1.5.1Asms" = Rosetta Stone 2.1.5.1Asms

"SongBaseXP" = SongBaseXP

"Steam App 11020" = TrackMania Nations Forever

"Steam App 39000" = Moonbase Alpha

"Steam App 400" = Portal

"Steam App 620" = Portal 2

"Student Management System v3.0.2hs" = Student Management System v3.0.2hs

"Thinkin' Science" = Thinkin' Science

"WinLiveSuite" = Windows Live Essentials

"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Amazon Kindle For PC" = Amazon Kindle For PC v1.1

"f031ef6ac137efc5" = Dell Driver Download Manager

"GameMaker81" = GameMaker 8.1

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 12:14:54 PM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 7:14:30 PM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 7:49:05 PM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/10/2012 1:17:35 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 6/11/2012 11:40:56 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

[ Media Center Events ]

Error - 8/17/2010 11:29:59 AM | Computer Name = Jimmy | Source = MCUpdate | ID = 0

Description = 11:29:57 AM - Error connecting to the internet. 11:29:57 AM - Unable

to contact server..

Error - 8/17/2010 12:30:31 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0

Description = 12:30:30 PM - Error connecting to the internet. 12:30:30 PM - Unable

to contact server..

Error - 8/17/2010 1:31:04 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0

Description = 1:31:02 PM - Error connecting to the internet. 1:31:02 PM - Unable

to contact server..

Error - 8/17/2010 2:31:35 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0

Description = 2:31:34 PM - Error connecting to the internet. 2:31:34 PM - Unable

to contact server..

Error - 1/27/2011 1:19:29 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0

Description = 12:19:24 PM - Failed to retrieve SportsSchedule (Error: The operation

has timed out)

Error - 4/26/2011 11:31:58 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0

Description = 11:31:58 PM - Error connecting to the internet. 11:31:58 PM - Unable

to contact server..

Error - 4/26/2011 11:32:32 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0

Description = 11:32:27 PM - Error connecting to the internet. 11:32:27 PM - Unable

to contact server..

[ System Events ]

Error - 6/9/2012 7:32:02 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333

Description =

Error - 6/9/2012 7:33:51 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333

Description =

Error - 6/9/2012 7:33:53 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333

Description =

Error - 6/9/2012 11:46:07 PM | Computer Name = Jimmy | Source = DCOM | ID = 10010

Description =

Error - 6/10/2012 8:09:00 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333

Description =

Error - 6/10/2012 8:09:00 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333

Description =

Error - 6/10/2012 8:09:00 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333

Description =

Error - 6/11/2012 11:39:43 AM | Computer Name = Jimmy | Source = Service Control Manager | ID = 7000

Description = The SessionLauncher service failed to start due to the following error:

%%2

Error - 6/11/2012 11:39:55 AM | Computer Name = Jimmy | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

RxFilter

Error - 6/11/2012 11:40:45 AM | Computer Name = Jimmy | Source = DCOM | ID = 10016

Description =

< End of report >

Link to post
Share on other sites

Hi, some semi-great news! McAfee's real-time scanner found the trojan which was causing the redirects and quarantined it. It was this file: C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll

However, when I log on, Rundll32 asks where the file is (every time, checked after reboot). Is there any way I could fix this? Could the on-logon-run registry key be safely deleted via Autoruns? Thanks for your help!

Link to post
Share on other sites

I already found the problein DDS log file. I'm work on it.

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    FF - prefs.js..browser.search.defaultenginename: "Secure Search"
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001..\Run: [Apps] C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll (Microsoft Corporation)

    :files
    C:\Users\Jacob\AppData\Local\DataSafeOnline

    :Commands
    [emptytemp]
    [clearallrestorepoints]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

Link to post
Share on other sites

Thank you so much! Is there anything else I should do? (this is probably a long shot) Any idea where/how the infection came from? Thanks for your help, here's the OTL fix log.

All processes killed

========== OTL ==========

Prefs.js: "Secure Search" removed from browser.search.defaultenginename

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_USERS\S-1-5-21-2599251252-3821983390-1828043331-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Apps deleted successfully.

File C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll not found.

========== FILES ==========

C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps folder moved successfully.

C:\Users\Jacob\AppData\Local\DataSafeOnline folder moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Christina

->Temp folder emptied: 96707325 bytes

->Temporary Internet Files folder emptied: 341068957 bytes

->Java cache emptied: 25605877 bytes

->FireFox cache emptied: 782319660 bytes

->Flash cache emptied: 281358 bytes

User: Claude

->Temp folder emptied: 572712506 bytes

->Temporary Internet Files folder emptied: 254369893 bytes

->Java cache emptied: 31266755 bytes

->FireFox cache emptied: 69304762 bytes

->Flash cache emptied: 46977 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56468 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Jacob

->Temp folder emptied: 26491718 bytes

->Temporary Internet Files folder emptied: 814767858 bytes

->Java cache emptied: 44362801 bytes

->FireFox cache emptied: 983648601 bytes

->Flash cache emptied: 62497 bytes

User: Kathy

->Temp folder emptied: 351589761 bytes

->Temporary Internet Files folder emptied: 940653821 bytes

->Java cache emptied: 21945096 bytes

->FireFox cache emptied: 402249718 bytes

->Flash cache emptied: 20200 bytes

User: Public

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56468 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 356352 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 56476302 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67764 bytes

%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 5,547.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.48.0 log created on 06132012_143658

Files\Folders moved on Reboot...

C:\Users\Jacob\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File\Folder C:\Windows\temp\hsperfdata_JIMMY$\3040 not found!

Registry entries deleted on Reboot...

Link to post
Share on other sites

Usually because of low security measures. I will send you some malware prevention tips when we finish.

Okay, let's make additional scan:

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Link to post
Share on other sites

Hi, sorry about the delay between posts (there were problems with the upgrade to Java 7, a lot of programs seem to be broken now).

My system's doing great, though, thanks for all your help! (no abnormal problems)

Could I send you the folder via the built-in attatchment system on Malwarebytes? (it's only 4 KB)

Thanks!

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.